{
 "schema_version": "1.0.0",
 "description": "Reverse citation index: for each source, every Apeiris control that references it. Generated from the domain matrices; regenerate with build-xref.",
 "generated_from": "domain matrices + anchor framework_keys",
 "sources": [
  {
   "source_id": "microsoft_rai_standard_v2_2022",
   "framework_refs": [
    {
     "domain": "privacy",
     "control": "DC-01",
     "name": "Personal Data Inventory",
     "requirement_id": "Microsoft Purview Data Map",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DC-02",
     "name": "Special Category Data Classification",
     "requirement_id": "Microsoft Purview Information Protection Classification",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DC-06",
     "name": "Data Purpose Limitation Mapping",
     "requirement_id": "Microsoft Responsible AI Standard v2 — Privacy & Security goals",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DG-01",
     "name": "Data Processing Register",
     "requirement_id": "Microsoft Purview Data Map — lineage tracking",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DG-02",
     "name": "Data Processor Agreements",
     "requirement_id": "Microsoft Product Terms and Data Processing Agreement",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DG-03",
     "name": "International Transfer Mechanism Registry",
     "requirement_id": "Microsoft EU Data Boundary Commitment",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DG-04",
     "name": "Transfer Impact Assessment",
     "requirement_id": "Microsoft data transfer documentation — customer TIA support",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DG-05",
     "name": "DPIA Lifecycle Management",
     "requirement_id": "Microsoft Responsible AI Standard v2 — Impact Assessment requirement",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "DG-06",
     "name": "Data Breach Response",
     "requirement_id": "Microsoft Products and Services DPA — security incident notification",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DG-07",
     "name": "Data Retention and Deletion Schedule",
     "requirement_id": "Microsoft Purview Data Lifecycle Management",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DG-08",
     "name": "Governance Evidence Archive",
     "requirement_id": "Microsoft Purview Compliance Manager — evidence archive",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DS-05",
     "name": "Automated Decision Explanation Rights",
     "requirement_id": "Microsoft Responsible AI Standard v2 — Transparency goals",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DP-01",
     "name": "Encryption at Rest and in Transit",
     "requirement_id": "Azure encryption — at rest and in transit",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DP-02",
     "name": "Pseudonymization Implementation",
     "requirement_id": "Microsoft Purview Information Protection — classification and protection of personal data",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "DP-03",
     "name": "Data Minimization Enforcement",
     "requirement_id": "Microsoft Responsible AI Standard v2 — Privacy & Security goals",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DP-05",
     "name": "Output PII Scrubbing",
     "requirement_id": "Microsoft Purview Data Loss Prevention — generative AI app coverage",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DP-07",
     "name": "AI Telemetry Data Controls",
     "requirement_id": "Microsoft Purview DSPM for AI — AI interaction data governance",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DP-08",
     "name": "Data Protection Evidence Log",
     "requirement_id": "Microsoft Purview Compliance Manager — control evidence collection",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PM-01",
     "name": "Privacy Incident Detection",
     "requirement_id": "Microsoft Purview Insider Risk Management — risky data-handling detection",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PM-02",
     "name": "Cross-Context Inference Monitoring",
     "requirement_id": "Microsoft Purview DSPM for AI — AI interaction monitoring",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "PM-03",
     "name": "Purpose Creep Detection",
     "requirement_id": "Microsoft Responsible AI Standard v2 — accountability and ongoing review",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "PM-05",
     "name": "Inference Log Monitoring",
     "requirement_id": "Microsoft Purview DSPM for AI — AI interaction monitoring",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PM-06",
     "name": "Privacy Breach Notification Management",
     "requirement_id": "Microsoft Products and Services DPA — security incident notification",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PM-08",
     "name": "Privacy Monitoring Evidence Archive",
     "requirement_id": "Microsoft Purview Compliance Manager — evidence collection and archiving",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PC-01",
     "name": "Regulatory Obligation Mapping",
     "requirement_id": "Microsoft Purview Compliance Manager — regulatory assessment templates",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PC-02",
     "name": "Privacy Certification Program",
     "requirement_id": "Azure AI compliance certifications — ISO 27001, SOC 2, ISO 42001",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PC-03",
     "name": "Jurisdiction-Specific Compliance Package",
     "requirement_id": "Microsoft EU Data Boundary and Jurisdiction-Specific DPAs",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PC-04",
     "name": "Privacy Program Effectiveness Assessment",
     "requirement_id": "Microsoft Purview Compliance Manager — compliance score and tracking",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PC-05",
     "name": "Privacy-by-Design Certification",
     "requirement_id": "Microsoft Responsible AI Standard v2 — Privacy & Security goals",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PC-06",
     "name": "AI Privacy Impact Assessment",
     "requirement_id": "Microsoft Responsible AI Impact Assessment template and guide",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PC-07",
     "name": "Privacy Governance Reporting",
     "requirement_id": "Microsoft Privacy Report — periodic privacy governance disclosure",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PC-08",
     "name": "PrivacyAttestation [BASELINE]",
     "requirement_id": "Azure AI certifications — ISO 27001, SOC 2, ISO 42001",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AA-01",
     "name": "Agent Identity Presentation at Tool Invocation",
     "requirement_id": "A5 — Human oversight and control",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AA-02",
     "name": "API Key and Bearer Token Lifecycle Management",
     "requirement_id": "PS2 — Security Policy compliance",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AA-03",
     "name": "mTLS and Certificate-Based Agent Authentication",
     "requirement_id": "PS2 — Security Policy compliance",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AA-04",
     "name": "Workload Identity for Agent Processes",
     "requirement_id": "PS2 — Security Policy compliance",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AA-05",
     "name": "Session Token Binding and Anti-Replay Controls",
     "requirement_id": "PS2 — Security Policy compliance",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AA-06",
     "name": "Cross-System Authentication Chaining",
     "requirement_id": "A5 — Human oversight and control",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AA-07",
     "name": "Authentication Failure Monitoring and Alerting",
     "requirement_id": "RS3 — Ongoing monitoring, feedback, and evaluation",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AA-08",
     "name": "Agent Authentication Evidence Package",
     "requirement_id": "Accountability goals (A1–A5)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AB-01",
     "name": "Authorized Action Scope Manifest",
     "requirement_id": "RS1 — Reliability and safety guidance",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-02",
     "name": "Tool-Call Authorization Policy",
     "requirement_id": "PS2 — Security Policy compliance",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AB-03",
     "name": "Action Reversibility Classification and Gates",
     "requirement_id": "A5 — Human oversight and control",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AB-04",
     "name": "Output Policy Enforcement",
     "requirement_id": "PS1 — Privacy Standard compliance",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-05",
     "name": "Prompt Injection Detection and Defense",
     "requirement_id": "RS2 — Failures and remediations",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AB-06",
     "name": "Rate Limiting and Resource Budget Enforcement",
     "requirement_id": "RS1 — Reliability and safety guidance",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AB-07",
     "name": "Behavioral Drift Monitoring",
     "requirement_id": "RS3 — Ongoing monitoring, feedback, and evaluation",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-08",
     "name": "BehavioralAttestation Production",
     "requirement_id": "Accountability goals (A1–A5)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AT-01",
     "name": "Tool and Plugin Registry",
     "requirement_id": "Accountability goals (A1–A5)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AT-02",
     "name": "Tool Permission Scoping",
     "requirement_id": "RS1 — Reliability and safety guidance",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AT-03",
     "name": "Tool Input Validation and Schema Enforcement",
     "requirement_id": "RS2 — Failures and remediations",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AT-04",
     "name": "Tool Output Sanitization and Integrity Verification",
     "requirement_id": "RS2 — Failures and remediations",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AT-05",
     "name": "Dangerous and Irreversible Tool Access Controls",
     "requirement_id": "A5 — Human oversight and control",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-06",
     "name": "Third-Party Plugin Vetting and Sandboxing",
     "requirement_id": "RS1 — Reliability and safety guidance",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AT-07",
     "name": "Tool Usage Audit Trail",
     "requirement_id": "Accountability goals (A1–A5)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AT-08",
     "name": "Tool Governance Evidence Package",
     "requirement_id": "Accountability goals (A1–A5)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-01",
     "name": "Multi-Agent Trust Chain Documentation",
     "requirement_id": "Accountability goals (A1–A5)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-02",
     "name": "Sub-Agent Authorization and Capability Delegation",
     "requirement_id": "RS1 — Reliability and safety guidance",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-03",
     "name": "Orchestration Message Integrity",
     "requirement_id": "RS2 — Failures and remediations",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-04",
     "name": "Human-in-the-Loop Gates for High-Consequence Orchestrations",
     "requirement_id": "A5 — Human oversight and control",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AO-05",
     "name": "Orchestration Loop and Escalation Detection",
     "requirement_id": "RS2 — Failures and remediations",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-06",
     "name": "Cross-Organization Orchestration Trust Governance",
     "requirement_id": "Accountability goals (A1–A5)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-07",
     "name": "Orchestration Audit Trail",
     "requirement_id": "Accountability goals (A1–A5)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-08",
     "name": "Orchestration Governance Evidence Package",
     "requirement_id": "Accountability goals (A1–A5)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AM-01",
     "name": "Behavioral Telemetry Collection Baseline",
     "requirement_id": "T1 — System intelligibility for decision making",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AM-02",
     "name": "Anomalous Action Detection",
     "requirement_id": "RS2 — Failures and remediations",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AM-03",
     "name": "Goal Drift and Intent Deviation Detection",
     "requirement_id": "RS3 — Ongoing monitoring, feedback, and evaluation",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AM-04",
     "name": "Resource Consumption Anomaly Monitoring",
     "requirement_id": "RS3 — Ongoing monitoring, feedback, and evaluation",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AM-05",
     "name": "Multi-Agent Communication Monitoring",
     "requirement_id": "T1 — System intelligibility for decision making",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AM-06",
     "name": "Monitoring Log Integrity",
     "requirement_id": "Accountability goals (A1–A5)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AM-07",
     "name": "Real-Time Alerting and Automated Agent Suspension",
     "requirement_id": "A5 — Human oversight and control",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-08",
     "name": "Monitoring Coverage Evidence Package",
     "requirement_id": "Accountability goals (A1–A5)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AG-01",
     "name": "Agentic AI Governance Structure",
     "requirement_id": "Accountability goals (A1–A5)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AG-02",
     "name": "Agent Deployment Policy and Pre-Deployment Review Gate",
     "requirement_id": "A1 — Impact assessment",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-03",
     "name": "Agentic AI Risk Assessment Framework",
     "requirement_id": "A1 — Impact assessment",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AG-04",
     "name": "Senior Accountability for Autonomous AI Systems",
     "requirement_id": "A2 — Oversight of significant adverse impacts",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AG-05",
     "name": "Agent Incident Response Program",
     "requirement_id": "RS2 — Failures and remediations",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AG-06",
     "name": "Agent Program Metrics and KPIs",
     "requirement_id": "RS3 — Ongoing monitoring, feedback, and evaluation",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AG-07",
     "name": "Continuous Improvement and Lessons Learned",
     "requirement_id": "RS3 — Ongoing monitoring, feedback, and evaluation",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AG-08",
     "name": "BehavioralAttestation Production",
     "requirement_id": "Accountability goals (A1–A5)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-01",
     "name": "Ethics Principles Adoption and Operationalization",
     "requirement_id": "Goals A1–A5 (Accountability); Goals T1–T3 (Transparency)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EF-02",
     "name": "Values-to-Design Mapping",
     "requirement_id": "Goals F1–F3 (Fairness); Goal T1 (System intelligibility)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-03",
     "name": "Ethical Risk Appetite Definition",
     "requirement_id": "Goal A1 (Impact assessment); Goal A2 (Oversight of significant adverse impacts)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-04",
     "name": "Ethics Impact Assessment Framework",
     "requirement_id": "Goal A1 (Impact assessment)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EF-05",
     "name": "EU AI Act Prohibited Practices Governance (Art. 5)",
     "requirement_id": "Goal A2 (Oversight of significant adverse impacts — Sensitive Uses); Goals F1–F3 (Fairness)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-06",
     "name": "Ethics-by-Design Integration in Development Lifecycle",
     "requirement_id": "Goal A2 (requirement A2.2 — Sensitive Uses review)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-07",
     "name": "External Ethics Stakeholder Engagement",
     "requirement_id": "Goal I1 (Inclusiveness — accessibility standards); Goals A1–A5 (Accountability)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-08",
     "name": "Ethics Foundations Evidence Package",
     "requirement_id": "Goals A1–A5 (Accountability); Goal T2 (Communication to stakeholders)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FA-01",
     "name": "Protected Characteristic Identification and Scope",
     "requirement_id": "Goal F1 (Quality of service — identify affected demographic groups)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-02",
     "name": "Algorithmic Bias Impact Assessment",
     "requirement_id": "Goal A1 (Impact assessment); Goals F1–F3 (Fairness)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FA-04",
     "name": "Independent Bias Testing Methodology",
     "requirement_id": "Goal A2 (Oversight of significant adverse impacts)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FA-05",
     "name": "NYC Local Law 144 and Analogous Audit Compliance",
     "requirement_id": "Goals A1–A5 (Accountability)",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "FA-07",
     "name": "Bias Remediation Governance",
     "requirement_id": "Goal RS2 (Failures and remediations)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-01",
     "name": "Explainability Method Selection and Justification",
     "requirement_id": "Goal T1 (System intelligibility for decision making)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-02",
     "name": "Decision-Level Explanation Requirements",
     "requirement_id": "Goals T1–T3 (Transparency)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-03",
     "name": "Explanation Fidelity and Accuracy Verification",
     "requirement_id": "Goal T1 (System intelligibility for decision making)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-04",
     "name": "Adverse Action Notice and Explanation (ECOA/Reg B, FCRA)",
     "requirement_id": "Goals F1–F2 (Quality of service; Allocation of resources and opportunities)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-05",
     "name": "Model Card and System Card Transparency Disclosure",
     "requirement_id": "Goal T2 (Communication to stakeholders)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-06",
     "name": "Technical vs. Non-Technical Explanation Tiers",
     "requirement_id": "Goals T1–T2 (System intelligibility; Communication to stakeholders)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-07",
     "name": "Explanation Completeness and Coverage Auditing",
     "requirement_id": "Goals A1–A5 (Accountability)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-08",
     "name": "Explainability Evidence Package",
     "requirement_id": "Goals A1–A5 (Accountability)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-01",
     "name": "Fundamental Rights Impact Assessment Content Governance",
     "requirement_id": "Goal A1 (Impact assessment)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-02",
     "name": "Human Dignity and Autonomy Preservation",
     "requirement_id": "Goal T3 (Disclosure of AI interaction)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-03",
     "name": "Vulnerable Population Protection",
     "requirement_id": "Goal I1 (Inclusiveness — accessibility standards)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-04",
     "name": "Human Oversight and Override Mechanisms",
     "requirement_id": "Goal A5 (Human oversight and control)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-05",
     "name": "Remedy and Redress Mechanisms",
     "requirement_id": "Goal A5 (Human oversight and control); Goal RS3 (Ongoing monitoring, feedback, and evaluation)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-06",
     "name": "Consent and Agency Preservation for AI Interactions",
     "requirement_id": "Goal T3 (Disclosure of AI interaction)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-07",
     "name": "Child and Minors Safety Controls",
     "requirement_id": "Goals RS1–RS3 (Reliability & Safety)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-08",
     "name": "Human Interests Evidence Package",
     "requirement_id": "Goals A1–A5 (Accountability)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-01",
     "name": "Production Fairness Monitoring Program",
     "requirement_id": "Goal F1 (Quality of service); Goal RS3 (Ongoing monitoring, feedback, and evaluation)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-02",
     "name": "Disparate Outcome Threshold Governance",
     "requirement_id": "Goals F1–F2 (Fairness goals with measurable criteria)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-03",
     "name": "Statistical Parity and Equalized Odds Monitoring",
     "requirement_id": "Goals F1–F3 (Fairness measurement)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-04",
     "name": "Feedback Loop and Reinforcement Bias Detection",
     "requirement_id": "Goals F1–F3 (Fairness — intersecting and compounding bias)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-05",
     "name": "Fairness Incident Response Program",
     "requirement_id": "Goal RS2 (Failures and remediations)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-06",
     "name": "AI Performance Divergence by Demographic Group",
     "requirement_id": "Goal F1 (Quality of service — disaggregated evaluation)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-07",
     "name": "Fairness Monitoring Audit Trail",
     "requirement_id": "Goal RS3 (Ongoing monitoring, feedback, and evaluation)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-08",
     "name": "Fairness Monitoring Evidence Package",
     "requirement_id": "Goals A1–A5 (Accountability); Goal A1 (Impact assessment)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-01",
     "name": "Ethics Governance Structure",
     "requirement_id": "Goals A1–A5 (Accountability)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-02",
     "name": "AI Ethics Policy Framework",
     "requirement_id": "Goals A1–A5 (Accountability)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-03",
     "name": "Senior and Board-Level Ethics Accountability",
     "requirement_id": "Goals A1–A5 (Accountability)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-04",
     "name": "Ethics Training and Capability Building",
     "requirement_id": "Goal A1 (Impact assessment)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-05",
     "name": "Third-Party AI Provider Ethics Accountability",
     "requirement_id": "Goal A2 (requirement A2.2 — Sensitive Uses review)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-06",
     "name": "Ethics Incident Response",
     "requirement_id": "Goals RS1–RS3 (Reliability & Safety)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-07",
     "name": "Ethics Program Metrics and Effectiveness Measurement",
     "requirement_id": "Goals A1–A5 (Accountability)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-08",
     "name": "EthicsAttestation Production",
     "requirement_id": "Goals T1–T3 (Transparency); Goals A1–A5 (Accountability)",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-01",
     "name": "SR 26-2 Model Inventory and Risk Tiering",
     "requirement_id": "A1",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-02",
     "name": "Model Risk Governance Policy Framework",
     "requirement_id": "A2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-03",
     "name": "Pre-Deployment Model Risk Assessment",
     "requirement_id": "RS1",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-04",
     "name": "Model Risk Appetite and Material Model Thresholds",
     "requirement_id": "A1",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-05",
     "name": "Ongoing Model Risk Monitoring",
     "requirement_id": "RS3",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MR-06",
     "name": "Third-Party and Vendor AI Model Risk Management",
     "requirement_id": "A2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-07",
     "name": "Emerging Model Risk Identification",
     "requirement_id": "T1-T3",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-08",
     "name": "Model Risk Evidence Package",
     "requirement_id": "T2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-01",
     "name": "Independent Validation Function Charter",
     "requirement_id": "A2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-02",
     "name": "Conceptual Soundness Assessment",
     "requirement_id": "RS1",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MV-03",
     "name": "Outcome Analysis and Backtesting",
     "requirement_id": "RS3",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-04",
     "name": "Benchmarking and Challenger Models",
     "requirement_id": "RS1",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MV-05",
     "name": "Validation Frequency and Trigger-Based Review",
     "requirement_id": "RS3",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-06",
     "name": "Validation Scope for AI/ML and LLM Models",
     "requirement_id": "RS1",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-07",
     "name": "Validation Finding Escalation and Remediation",
     "requirement_id": "A2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-08",
     "name": "Model Validation Evidence Package",
     "requirement_id": "T2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-01",
     "name": "AI-Driven Decision Transparency and Auditability",
     "requirement_id": "T1",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-02",
     "name": "ECOA/Reg B Adverse Action Notice for AI Decisions",
     "requirement_id": "F1, F2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-03",
     "name": "Fair Lending AI Explainability",
     "requirement_id": "F2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-04",
     "name": "Model Output Disclosure to Financial Regulators",
     "requirement_id": "A1",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-05",
     "name": "Financial Consumer Notification and Rights",
     "requirement_id": "T3",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-06",
     "name": "AI System Disclosure in Financial Filings",
     "requirement_id": "T2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-07",
     "name": "Model Transparency Dashboard for Senior Management",
     "requirement_id": "A2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-08",
     "name": "Financial Disclosure Evidence Package",
     "requirement_id": "T2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-01",
     "name": "SOX 302/404 Controls over AI-Generated Financial Data",
     "requirement_id": "A3",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-02",
     "name": "AI-Generated Output Materiality Assessment",
     "requirement_id": "T2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-03",
     "name": "Reconciliation Controls for AI-Influenced Financial Outputs",
     "requirement_id": "RS2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-04",
     "name": "Change Management Controls for Financial AI Systems",
     "requirement_id": "A2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-05",
     "name": "Access Controls for Financial AI Systems",
     "requirement_id": "PS2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-06",
     "name": "AI Operational Error and Financial Exception Management",
     "requirement_id": "RS2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-07",
     "name": "Financial Data Integrity Monitoring",
     "requirement_id": "RS1",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-08",
     "name": "Financial Controls Evidence Package",
     "requirement_id": "A1",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-01",
     "name": "AI Use Policy for Financial Decision-Making",
     "requirement_id": "A2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-02",
     "name": "Prohibited AI Use Cases in Financial Services",
     "requirement_id": "A3",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-03",
     "name": "Financial AI Risk Appetite Statement",
     "requirement_id": "A1",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-04",
     "name": "AI Procurement and Vendor Management Policy for Finance",
     "requirement_id": "A2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-05",
     "name": "Data Governance Policy for Financial AI",
     "requirement_id": "F1-F3",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-06",
     "name": "Financial AI Change Control Policy",
     "requirement_id": "RS2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-07",
     "name": "AI Exception and Escalation Policy",
     "requirement_id": "A5",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-08",
     "name": "Financial Policy Evidence Package",
     "requirement_id": "A1",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-01",
     "name": "Finance AI Governance Structure",
     "requirement_id": "A2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-02",
     "name": "Senior and Named Accountability for Financial AI Decisions",
     "requirement_id": "A2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-03",
     "name": "Board-Level Oversight of Financial AI Risk",
     "requirement_id": "A2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-05",
     "name": "Finance AI Incident Response Integration",
     "requirement_id": "RS2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-06",
     "name": "Financial AI Program Metrics and Board Reporting",
     "requirement_id": "T2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-07",
     "name": "Annual AI Governance Review",
     "requirement_id": "A2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-08",
     "name": "FinanceAttestation Production",
     "requirement_id": "T2",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-01",
     "name": "Operating Intent Declaration",
     "requirement_id": "Microsoft Responsible AI Standard v2 — Goal A1: Impact Assessment (Intended Uses)",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-02",
     "name": "Operating Intent Boundary Validation",
     "requirement_id": "Azure Policy — AI Model Deployment Restriction and Content Safety Filters",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-03",
     "name": "Intended Purpose Alignment Review",
     "requirement_id": "Microsoft Responsible AI Standard v2 — Goal A3: Fit for Purpose",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-04",
     "name": "Authorized Knowledge Source Registry",
     "requirement_id": "Microsoft Purview — Data Governance for AI Knowledge Sources",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-05",
     "name": "Knowledge Source Version Governance",
     "requirement_id": "Azure Machine Learning — Model and Data Version Tracking",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-06",
     "name": "Operating Context Change Management",
     "requirement_id": "Microsoft Responsible AI Standard v2 — Goal A1: Impact Assessment (Update on Material Change)",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-07",
     "name": "Deployment Scope Attestation",
     "requirement_id": "Microsoft Responsible AI Standard v2 — Goal A2: Oversight of Significant Adverse Impacts (Sensitive-Use Review)",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-01",
     "name": "Delegation of Authority Integration",
     "requirement_id": "Azure RBAC — Authority Delegation Hierarchy",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-02",
     "name": "Approval Limit Enforcement",
     "requirement_id": "Azure Policy Custom Definitions — AI Action Approval Thresholds",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-03",
     "name": "Escalation Gate Design and Testing",
     "requirement_id": "Microsoft Responsible AI Standard v2 — Goal A5: Human Oversight and Control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-04",
     "name": "Principal Accountability Binding",
     "requirement_id": "Microsoft Purview Audit — Principal Accountability for AI Actions",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-05",
     "name": "Multi-Party Approval Workflow",
     "requirement_id": "Azure DevOps Required Reviewers — Multi-Party AI Deployment Approval",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-06",
     "name": "Emergency Override and Break-Glass",
     "requirement_id": "Azure PIM Emergency Access — Governed Break-Glass Activation",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-07",
     "name": "Approval Record and Audit Trail",
     "requirement_id": "Microsoft Purview Audit — Unified AI Authorization Audit Trail",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-08",
     "name": "Authority Scope Change Notification",
     "requirement_id": "Azure Event Grid — AI Governance Policy Change Alerts",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-01",
     "name": "Internal Policy Register for AI Deployments",
     "requirement_id": "Azure Policy Initiative Assignments — AI Policy Register Implementation",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-02",
     "name": "Policy Version Control and Distribution",
     "requirement_id": "Azure Resource Manager Policy Versioning — Automated Policy Distribution",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-03",
     "name": "Contractual Obligation Extraction",
     "requirement_id": "Microsoft Responsible AI Standard v2 — Goal A1: Impact Assessment (Structured Documentation Template)",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PO-04",
     "name": "Contract Term Conflict Detection",
     "requirement_id": "Microsoft Purview Compliance Solutions — Contractual Conflict Detection",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PO-05",
     "name": "Data Use Policy Enforcement",
     "requirement_id": "Azure Policy + Microsoft Purview Data Governance — Automated Data Use Enforcement",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-02",
     "name": "AI-Initiated Commitment Controls",
     "requirement_id": "Azure Policy — AI Resource Provisioning Commitment Approval Gates",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-04",
     "name": "Contract Review Gate Compliance",
     "requirement_id": "Microsoft Responsible AI Standard v2 — Goal A1: Impact Assessment (Pre-Deployment Review)",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-05",
     "name": "SLA Commitment Governance",
     "requirement_id": "Azure SLA + Azure Monitor — SLA Commitment Monitoring",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PR-06",
     "name": "AI in Contract Negotiation Controls",
     "requirement_id": "Microsoft Responsible AI Standard v2 — Goal A5: Human Oversight and Control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-07",
     "name": "Contract Obligation Monitoring",
     "requirement_id": "Microsoft Purview Compliance Manager — Custom Assessments for Obligation Tracking",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-01",
     "name": "Policy Adherence Monitoring",
     "requirement_id": "Azure Policy Compliance Dashboard — AI Workload Policy Adherence",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-02",
     "name": "Authority Limit Monitoring",
     "requirement_id": "Microsoft Defender for Cloud — AI Workload Posture and Threat Signals",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PG-03",
     "name": "Contract Obligation Compliance Monitoring",
     "requirement_id": "Microsoft Purview Compliance Manager — Regulatory Template Compliance Scoring",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-04",
     "name": "Policy Incident Classification and Response",
     "requirement_id": "Microsoft Sentinel — AI Policy Incident Classification and SOAR Response",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-05",
     "name": "Knowledge Source Staleness Detection",
     "requirement_id": "Azure Machine Learning Model Monitoring — Knowledge Source Staleness Signals",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-06",
     "name": "Operating Intent Drift Detection",
     "requirement_id": "Azure AI Foundry Observability — Operating Intent Drift Monitoring",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-07",
     "name": "Policy Governance Reporting",
     "requirement_id": "Microsoft Purview + Azure Policy Compliance Reports — AI Governance Reporting",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-08",
     "name": "Lessons Learned and Policy Improvement",
     "requirement_id": "Microsoft Responsible AI Transparency Report — Systematic Lessons Learned",
     "fit": "supporting"
    },
    {
     "domain": "authority",
     "control": "PE-01",
     "name": "Policy Evidence Archive",
     "requirement_id": "Microsoft Responsible AI Standard v2 — Goal A1: Impact Assessment (Documentation)",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-02",
     "name": "Regulatory Disclosure Readiness",
     "requirement_id": "Microsoft Responsible AI Transparency Report + Purview — Disclosure Infrastructure",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-03",
     "name": "Internal Audit Support Package",
     "requirement_id": "Microsoft Purview Compliance Manager — Structured Internal Audit Packages",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-04",
     "name": "Cross-Domain Policy Evidence Integration",
     "requirement_id": "Microsoft Defender for Cloud + Purview — Cross-Domain Policy Evidence Integration",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-05",
     "name": "Contract Audit Trail",
     "requirement_id": "Microsoft Purview Audit — Contract Obligation Audit Trail Retention",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-06",
     "name": "Board and Senior Management Policy Reporting",
     "requirement_id": "Microsoft RAI Transparency Report — Board Governance Disclosure Model",
     "fit": "supporting"
    },
    {
     "domain": "authority",
     "control": "PE-07",
     "name": "Policy Governance Program Assessment",
     "requirement_id": "Microsoft RAI Red Team Operations — Independent Program Assessment",
     "fit": "supporting"
    }
   ],
   "source_refs": [
    {
     "domain": "privacy",
     "control": "DC-01",
     "name": "Personal Data Inventory",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DC-02",
     "name": "Special Category Data Classification",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DC-06",
     "name": "Data Purpose Limitation Mapping",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-01",
     "name": "Data Processing Register",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-02",
     "name": "Data Processor Agreements",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-03",
     "name": "International Transfer Mechanism Registry",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-04",
     "name": "Transfer Impact Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-05",
     "name": "DPIA Lifecycle Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-06",
     "name": "Data Breach Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-07",
     "name": "Data Retention and Deletion Schedule",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-08",
     "name": "Governance Evidence Archive",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DS-05",
     "name": "Automated Decision Explanation Rights",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DP-01",
     "name": "Encryption at Rest and in Transit",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DP-02",
     "name": "Pseudonymization Implementation",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DP-03",
     "name": "Data Minimization Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DP-05",
     "name": "Output PII Scrubbing",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DP-07",
     "name": "AI Telemetry Data Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DP-08",
     "name": "Data Protection Evidence Log",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PM-01",
     "name": "Privacy Incident Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PM-02",
     "name": "Cross-Context Inference Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PM-03",
     "name": "Purpose Creep Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PM-05",
     "name": "Inference Log Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PM-06",
     "name": "Privacy Breach Notification Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PM-08",
     "name": "Privacy Monitoring Evidence Archive",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-01",
     "name": "Regulatory Obligation Mapping",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-02",
     "name": "Privacy Certification Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-03",
     "name": "Jurisdiction-Specific Compliance Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-04",
     "name": "Privacy Program Effectiveness Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-05",
     "name": "Privacy-by-Design Certification",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-06",
     "name": "AI Privacy Impact Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-07",
     "name": "Privacy Governance Reporting",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-08",
     "name": "PrivacyAttestation [BASELINE]",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-01",
     "name": "Agent Identity Presentation at Tool Invocation",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-02",
     "name": "API Key and Bearer Token Lifecycle Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-03",
     "name": "mTLS and Certificate-Based Agent Authentication",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-04",
     "name": "Workload Identity for Agent Processes",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-05",
     "name": "Session Token Binding and Anti-Replay Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-06",
     "name": "Cross-System Authentication Chaining",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-07",
     "name": "Authentication Failure Monitoring and Alerting",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-08",
     "name": "Agent Authentication Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-01",
     "name": "Authorized Action Scope Manifest",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-02",
     "name": "Tool-Call Authorization Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-03",
     "name": "Action Reversibility Classification and Gates",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-04",
     "name": "Output Policy Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-05",
     "name": "Prompt Injection Detection and Defense",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-06",
     "name": "Rate Limiting and Resource Budget Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-07",
     "name": "Behavioral Drift Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-08",
     "name": "BehavioralAttestation Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-01",
     "name": "Tool and Plugin Registry",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-02",
     "name": "Tool Permission Scoping",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-03",
     "name": "Tool Input Validation and Schema Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-04",
     "name": "Tool Output Sanitization and Integrity Verification",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-05",
     "name": "Dangerous and Irreversible Tool Access Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-06",
     "name": "Third-Party Plugin Vetting and Sandboxing",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-07",
     "name": "Tool Usage Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-08",
     "name": "Tool Governance Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-01",
     "name": "Multi-Agent Trust Chain Documentation",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-02",
     "name": "Sub-Agent Authorization and Capability Delegation",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-03",
     "name": "Orchestration Message Integrity",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-04",
     "name": "Human-in-the-Loop Gates for High-Consequence Orchestrations",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-05",
     "name": "Orchestration Loop and Escalation Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-06",
     "name": "Cross-Organization Orchestration Trust Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-07",
     "name": "Orchestration Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-08",
     "name": "Orchestration Governance Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-01",
     "name": "Behavioral Telemetry Collection Baseline",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-02",
     "name": "Anomalous Action Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-03",
     "name": "Goal Drift and Intent Deviation Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-04",
     "name": "Resource Consumption Anomaly Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-05",
     "name": "Multi-Agent Communication Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-06",
     "name": "Monitoring Log Integrity",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-07",
     "name": "Real-Time Alerting and Automated Agent Suspension",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-08",
     "name": "Monitoring Coverage Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-01",
     "name": "Agentic AI Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-02",
     "name": "Agent Deployment Policy and Pre-Deployment Review Gate",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-03",
     "name": "Agentic AI Risk Assessment Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-04",
     "name": "Senior Accountability for Autonomous AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-05",
     "name": "Agent Incident Response Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-06",
     "name": "Agent Program Metrics and KPIs",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-07",
     "name": "Continuous Improvement and Lessons Learned",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-08",
     "name": "BehavioralAttestation Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-01",
     "name": "Ethics Principles Adoption and Operationalization",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-02",
     "name": "Values-to-Design Mapping",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-03",
     "name": "Ethical Risk Appetite Definition",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-04",
     "name": "Ethics Impact Assessment Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-05",
     "name": "EU AI Act Prohibited Practices Governance (Art. 5)",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-06",
     "name": "Ethics-by-Design Integration in Development Lifecycle",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-07",
     "name": "External Ethics Stakeholder Engagement",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-08",
     "name": "Ethics Foundations Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FA-01",
     "name": "Protected Characteristic Identification and Scope",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FA-02",
     "name": "Algorithmic Bias Impact Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FA-04",
     "name": "Independent Bias Testing Methodology",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FA-05",
     "name": "NYC Local Law 144 and Analogous Audit Compliance",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FA-07",
     "name": "Bias Remediation Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-01",
     "name": "Explainability Method Selection and Justification",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-02",
     "name": "Decision-Level Explanation Requirements",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-03",
     "name": "Explanation Fidelity and Accuracy Verification",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-04",
     "name": "Adverse Action Notice and Explanation (ECOA/Reg B, FCRA)",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-05",
     "name": "Model Card and System Card Transparency Disclosure",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-06",
     "name": "Technical vs. Non-Technical Explanation Tiers",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-07",
     "name": "Explanation Completeness and Coverage Auditing",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-08",
     "name": "Explainability Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "HI-01",
     "name": "Fundamental Rights Impact Assessment Content Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "HI-02",
     "name": "Human Dignity and Autonomy Preservation",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "HI-03",
     "name": "Vulnerable Population Protection",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "HI-04",
     "name": "Human Oversight and Override Mechanisms",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "HI-05",
     "name": "Remedy and Redress Mechanisms",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "HI-06",
     "name": "Consent and Agency Preservation for AI Interactions",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "HI-07",
     "name": "Child and Minors Safety Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "HI-08",
     "name": "Human Interests Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-01",
     "name": "Production Fairness Monitoring Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-02",
     "name": "Disparate Outcome Threshold Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-03",
     "name": "Statistical Parity and Equalized Odds Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-04",
     "name": "Feedback Loop and Reinforcement Bias Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-05",
     "name": "Fairness Incident Response Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-06",
     "name": "AI Performance Divergence by Demographic Group",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-07",
     "name": "Fairness Monitoring Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-08",
     "name": "Fairness Monitoring Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-01",
     "name": "Ethics Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-02",
     "name": "AI Ethics Policy Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-03",
     "name": "Senior and Board-Level Ethics Accountability",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-04",
     "name": "Ethics Training and Capability Building",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-05",
     "name": "Third-Party AI Provider Ethics Accountability",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-06",
     "name": "Ethics Incident Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-07",
     "name": "Ethics Program Metrics and Effectiveness Measurement",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-08",
     "name": "EthicsAttestation Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-01",
     "name": "SR 26-2 Model Inventory and Risk Tiering",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-02",
     "name": "Model Risk Governance Policy Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-03",
     "name": "Pre-Deployment Model Risk Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-04",
     "name": "Model Risk Appetite and Material Model Thresholds",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-05",
     "name": "Ongoing Model Risk Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-06",
     "name": "Third-Party and Vendor AI Model Risk Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-07",
     "name": "Emerging Model Risk Identification",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-08",
     "name": "Model Risk Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-01",
     "name": "Independent Validation Function Charter",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-02",
     "name": "Conceptual Soundness Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-03",
     "name": "Outcome Analysis and Backtesting",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-04",
     "name": "Benchmarking and Challenger Models",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-05",
     "name": "Validation Frequency and Trigger-Based Review",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-06",
     "name": "Validation Scope for AI/ML and LLM Models",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-07",
     "name": "Validation Finding Escalation and Remediation",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-08",
     "name": "Model Validation Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-01",
     "name": "AI-Driven Decision Transparency and Auditability",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-02",
     "name": "ECOA/Reg B Adverse Action Notice for AI Decisions",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-03",
     "name": "Fair Lending AI Explainability",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-04",
     "name": "Model Output Disclosure to Financial Regulators",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-05",
     "name": "Financial Consumer Notification and Rights",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-06",
     "name": "AI System Disclosure in Financial Filings",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-07",
     "name": "Model Transparency Dashboard for Senior Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-08",
     "name": "Financial Disclosure Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-01",
     "name": "SOX 302/404 Controls over AI-Generated Financial Data",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-02",
     "name": "AI-Generated Output Materiality Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-03",
     "name": "Reconciliation Controls for AI-Influenced Financial Outputs",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-04",
     "name": "Change Management Controls for Financial AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-05",
     "name": "Access Controls for Financial AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-06",
     "name": "AI Operational Error and Financial Exception Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-07",
     "name": "Financial Data Integrity Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-08",
     "name": "Financial Controls Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-01",
     "name": "AI Use Policy for Financial Decision-Making",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-02",
     "name": "Prohibited AI Use Cases in Financial Services",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-03",
     "name": "Financial AI Risk Appetite Statement",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-04",
     "name": "AI Procurement and Vendor Management Policy for Finance",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-05",
     "name": "Data Governance Policy for Financial AI",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-06",
     "name": "Financial AI Change Control Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-07",
     "name": "AI Exception and Escalation Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-08",
     "name": "Financial Policy Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-01",
     "name": "Finance AI Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-02",
     "name": "Senior and Named Accountability for Financial AI Decisions",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-03",
     "name": "Board-Level Oversight of Financial AI Risk",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-05",
     "name": "Finance AI Incident Response Integration",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-06",
     "name": "Financial AI Program Metrics and Board Reporting",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-07",
     "name": "Annual AI Governance Review",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-08",
     "name": "FinanceAttestation Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-01",
     "name": "Operating Intent Declaration",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-02",
     "name": "Operating Intent Boundary Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-03",
     "name": "Intended Purpose Alignment Review",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-04",
     "name": "Authorized Knowledge Source Registry",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-05",
     "name": "Knowledge Source Version Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-06",
     "name": "Operating Context Change Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-07",
     "name": "Deployment Scope Attestation",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-01",
     "name": "Delegation of Authority Integration",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-02",
     "name": "Approval Limit Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-03",
     "name": "Escalation Gate Design and Testing",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-04",
     "name": "Principal Accountability Binding",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-05",
     "name": "Multi-Party Approval Workflow",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-06",
     "name": "Emergency Override and Break-Glass",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-07",
     "name": "Approval Record and Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-08",
     "name": "Authority Scope Change Notification",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-01",
     "name": "Internal Policy Register for AI Deployments",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-02",
     "name": "Policy Version Control and Distribution",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-03",
     "name": "Contractual Obligation Extraction",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-04",
     "name": "Contract Term Conflict Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-05",
     "name": "Data Use Policy Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-06",
     "name": "Communication and Commitment Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-07",
     "name": "Third-Party Policy Requirements",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-08",
     "name": "Policy Obligation Gap Analysis",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-01",
     "name": "AI Procurement Policy Integration",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-02",
     "name": "AI-Initiated Commitment Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-03",
     "name": "Vendor Qualification Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-04",
     "name": "Contract Review Gate Compliance",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-05",
     "name": "SLA Commitment Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-06",
     "name": "AI in Contract Negotiation Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-07",
     "name": "Contract Obligation Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-01",
     "name": "Policy Adherence Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-02",
     "name": "Authority Limit Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-03",
     "name": "Contract Obligation Compliance Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-04",
     "name": "Policy Incident Classification and Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-05",
     "name": "Knowledge Source Staleness Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-06",
     "name": "Operating Intent Drift Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-07",
     "name": "Policy Governance Reporting",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-08",
     "name": "Lessons Learned and Policy Improvement",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-01",
     "name": "Policy Evidence Archive",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-02",
     "name": "Regulatory Disclosure Readiness",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-03",
     "name": "Internal Audit Support Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-04",
     "name": "Cross-Domain Policy Evidence Integration",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-05",
     "name": "Contract Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-06",
     "name": "Board and Senior Management Policy Reporting",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-07",
     "name": "Policy Governance Program Assessment",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "privacy": 32,
    "agentic": 48,
    "ethics": 45,
    "finance": 47,
    "authority": 40
   },
   "title": "Microsoft Responsible AI Standard v2",
   "total": 429
  },
  {
   "source_id": "eu_ai_act",
   "framework_refs": [
    {
     "domain": "security",
     "control": "IA-06",
     "name": "Bind a signed, end-to-end provenance chain to every agent action",
     "requirement_id": "Art. 12 (record-keeping); Art. 19 (provider) / Art. 26(6) (deployer) log retention",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-02",
     "name": "Keep an immutable, tamper-evident audit trail of what the agent did",
     "requirement_id": "Art. 12 (logging capability); Art. 19 (provider) / Art. 26(6) (deployer) log retention, at least 6 months",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "AS-03",
     "name": "Gate releases on continuous adversarial validation",
     "requirement_id": "Art. 9 (risk management system)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-12",
     "name": "AI Serving-Stack Vulnerability Management",
     "requirement_id": "Art-15",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "LI-04",
     "name": "Structured Model Documentation — Complete Model Card with All Required Sections",
     "requirement_id": "Art-11",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "LI-06",
     "name": "Immutable Version Control with Tested Rollback and Emergency Disable",
     "requirement_id": "Art-12",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "LI-07",
     "name": "Capability and Limitation Declaration — Intended Use, Constraints,...",
     "requirement_id": "Art-13",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "LI-09",
     "name": "Material-Change Determination and Authorization Gate",
     "requirement_id": "Art-9",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "LI-10",
     "name": "Model Retirement and Archive Policy — End-of-Life Procedure, Evidence...",
     "requirement_id": "Art-12",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-01",
     "name": "Training Data Quality Gates",
     "requirement_id": "Art-10",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-02",
     "name": "Bias and Representativeness Assessment",
     "requirement_id": "Art-10",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-03",
     "name": "Data Rights, Lawful Authority and Permitted Use",
     "requirement_id": "Art-10",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-04",
     "name": "Data Poisoning Prevention",
     "requirement_id": "Art-10",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-05",
     "name": "Train/Evaluation/Test Separation and Contamination Prevention",
     "requirement_id": "Art-9",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-06",
     "name": "Sensitive-Data Necessity, Minimization and Controlled Use",
     "requirement_id": "Art-10",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-07",
     "name": "Third-Party Dataset Governance",
     "requirement_id": "Art-10",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-08",
     "name": "Dataset Retention, Deletion and Lifecycle",
     "requirement_id": "Art-10",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-01",
     "name": "Pre-Deployment Evaluation Gate",
     "requirement_id": "Art-9",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-02",
     "name": "Fitness, Safety, Reliability and Policy-Conformance Evaluation",
     "requirement_id": "Art-9",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-03",
     "name": "Dangerous Capability Threshold Assessment",
     "requirement_id": "Art-55",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-04",
     "name": "Adversarial Red-Team Testing",
     "requirement_id": "Art-55",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-05",
     "name": "Fairness and Bias Evaluation",
     "requirement_id": "Art-9",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-06",
     "name": "Reproducible Evaluation Design",
     "requirement_id": "Art-9",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-07",
     "name": "Regression Testing on Updates",
     "requirement_id": "Art-9",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-08",
     "name": "Independent Validation",
     "requirement_id": "Art-9",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-09",
     "name": "Risk and Applicability Classification",
     "requirement_id": "Art-6",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-10",
     "name": "Evaluation Result Provenance",
     "requirement_id": "Art-12",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-01",
     "name": "Model Ownership Assignment",
     "requirement_id": "Art-17",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-02",
     "name": "Meaningful Human Oversight for High-Stakes Decisions",
     "requirement_id": "Art-14",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-03",
     "name": "AI Model Governance Committee",
     "requirement_id": "Art-17",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-05",
     "name": "Regulatory and Legal Review Sign-Off",
     "requirement_id": "Art-43",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-07",
     "name": "Incident Escalation Authority Chain",
     "requirement_id": "Art-73",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-08",
     "name": "Notice, Explanation Support, Human Review and Contestability",
     "requirement_id": "Art-13",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-01",
     "name": "Output Anomaly Detection",
     "requirement_id": "Art-15",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-02",
     "name": "Concept and Data Drift Detection",
     "requirement_id": "Art-72",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-03",
     "name": "Production Performance Degradation Alerting",
     "requirement_id": "Art-72",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-04",
     "name": "Behavioral Boundary Performance Testing",
     "requirement_id": "Art-15",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-05",
     "name": "Usage Telemetry and Decision Logging",
     "requirement_id": "Art-12",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "BH-06",
     "name": "Injection-Resistance Evaluation in Production",
     "requirement_id": "Art-55",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-07",
     "name": "Resource and Cost Anomaly Monitoring",
     "requirement_id": "Art-55",
     "fit": "adjacent"
    },
    {
     "domain": "model",
     "control": "BH-08",
     "name": "Shadow and Canary Deployment Governance",
     "requirement_id": "Art-15",
     "fit": "adjacent"
    },
    {
     "domain": "model",
     "control": "BH-09",
     "name": "Synthetic-Content Provenance, Disclosure and Traceability",
     "requirement_id": "Art-50",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "BH-10",
     "name": "Feedback Loop Integrity and Online Learning Governance",
     "requirement_id": "Art-72",
     "fit": "adjacent"
    },
    {
     "domain": "model",
     "control": "CR-01",
     "name": "Continuous Production Monitoring and Risk Aggregation",
     "requirement_id": "Art-72",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-02",
     "name": "Model Evidence Archive and Audit Trail",
     "requirement_id": "Art-11",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-03",
     "name": "Scheduled Model Re-validation",
     "requirement_id": "Art-72",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-04",
     "name": "AI Incident Response Management",
     "requirement_id": "Art-73",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-05",
     "name": "Regulatory Notification and Statutory Reporting",
     "requirement_id": "Art-72",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-06",
     "name": "Post-Market Surveillance",
     "requirement_id": "Art-73",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "CR-07",
     "name": "Model Retirement and Evidence Archival",
     "requirement_id": "Art-16",
     "fit": "adjacent"
    },
    {
     "domain": "model",
     "control": "CR-08",
     "name": "Cross-Domain Assurance Coordination",
     "requirement_id": "Art-11",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "DG-05",
     "name": "DPIA Lifecycle Management",
     "requirement_id": "Art 27",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DS-05",
     "name": "Automated Decision Explanation Rights",
     "requirement_id": "Art 86",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DP-02",
     "name": "Pseudonymization Implementation",
     "requirement_id": "Art 10(5)",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DP-06",
     "name": "Synthetic Data Governance",
     "requirement_id": "Art 10",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PC-06",
     "name": "AI Privacy Impact Assessment",
     "requirement_id": "Art 27",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PC-08",
     "name": "PrivacyAttestation [BASELINE]",
     "requirement_id": "Art 47",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-01",
     "name": "Regulatory Scope Determination",
     "requirement_id": "Art. 9",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-02",
     "name": "Compliance Framework Selection and Mapping",
     "requirement_id": "Art. 9(2)",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "CA-03",
     "name": "Cross-Domain Evidence Routing",
     "requirement_id": "Art. 9(2)",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-04",
     "name": "Design-Time Compliance Classification",
     "requirement_id": "Art. 6",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-05",
     "name": "Regulatory Change Management",
     "requirement_id": "Art. 43",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-06",
     "name": "Compliance Obligation Gap Analysis",
     "requirement_id": "Art. 9(2)",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "CA-07",
     "name": "Third-Party and Supply Chain Compliance Obligations",
     "requirement_id": "Arts. 23–27",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-08",
     "name": "Compliance Architecture Evidence Package",
     "requirement_id": "Art. 11",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-01",
     "name": "Obligation Register",
     "requirement_id": "Art. 9",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-02",
     "name": "Obligation Owner Assignment",
     "requirement_id": "Art. 16",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-03",
     "name": "Obligation Due Date and Milestone Tracking",
     "requirement_id": "Art. 43",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-04",
     "name": "EU AI Act Conformity Assessment Obligation Management",
     "requirement_id": "Arts. 8–15 & Art. 16",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-06",
     "name": "Contractual AI Obligation Management",
     "requirement_id": "Art. 26",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "OB-07",
     "name": "Obligation Fulfillment Verification",
     "requirement_id": "Art. 9(2)",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-08",
     "name": "Obligations Evidence Package",
     "requirement_id": "Art. 18",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-01",
     "name": "EU AI Act High-Risk AI System Classification",
     "requirement_id": "Art. 6 & Annex III",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-02",
     "name": "EU AI Act Conformity Assessment Pathway Selection",
     "requirement_id": "Art. 43",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-03",
     "name": "EU AI Act Technical Documentation Package (Art. 11)",
     "requirement_id": "Art. 11 & Annex IV",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-04",
     "name": "EU AI Act Post-Market Monitoring Plan (Art. 72)",
     "requirement_id": "Art. 72–73",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-07",
     "name": "ISO 42001 Certification Pathway",
     "requirement_id": "Art. 9, Art. 17",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "RF-08",
     "name": "Regulatory Framework Evidence Package",
     "requirement_id": "Art. 11, Art. 18",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-01",
     "name": "Compliance Control Testing Program",
     "requirement_id": "Art. 9(2)",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CI-02",
     "name": "Continuous Compliance Monitoring",
     "requirement_id": "Art. 72",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-03",
     "name": "AI-Specific Compliance KPIs",
     "requirement_id": "Art. 17(1)(i)",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CI-04",
     "name": "Compliance Tooling Implementation",
     "requirement_id": "Art. 11, Art. 18",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-05",
     "name": "Compliance Training and Awareness Program",
     "requirement_id": "Art. 9(5)",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-06",
     "name": "Internal Audit of AI Compliance Controls",
     "requirement_id": "Art. 9(2)",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CI-07",
     "name": "Remediation Tracking and Closure",
     "requirement_id": "Art. 20",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CI-08",
     "name": "Compliance Implementation Evidence Package",
     "requirement_id": "Art. 18",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-01",
     "name": "Audit Readiness Program",
     "requirement_id": "Art. 17(1)(k)",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-02",
     "name": "Evidence Collection, Curation, and Validation",
     "requirement_id": "Art. 18",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-03",
     "name": "Auditor Access and Cooperation Protocols",
     "requirement_id": "Art. 74(12)–(13)",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-04",
     "name": "Audit Trail Integrity",
     "requirement_id": "Art. 12",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-05",
     "name": "Regulatory Examination Response Program",
     "requirement_id": "Art. 74(12)–(13)",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-06",
     "name": "Audit Finding Remediation Program",
     "requirement_id": "Art. 9(2)(d) & Art. 20",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-07",
     "name": "Multi-Framework Evidence Reuse",
     "requirement_id": "Art. 17(1)",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "AU-08",
     "name": "ComplianceAttestation Production",
     "requirement_id": "Art. 43(1)",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-01",
     "name": "Compliance Governance Structure",
     "requirement_id": "Article 17",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-02",
     "name": "Compliance Policy Framework for AI",
     "requirement_id": "Article 9",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-03",
     "name": "Senior and Board-Level Accountability for AI Compliance",
     "requirement_id": "Article 26",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-04",
     "name": "Compliance Risk Appetite Definition",
     "requirement_id": "Article 9(2)",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-05",
     "name": "Compliance Program Resourcing",
     "requirement_id": "Article 17(1)(l)",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-06",
     "name": "Compliance Incident Response",
     "requirement_id": "Article 73",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-07",
     "name": "Compliance Program Metrics and KPIs",
     "requirement_id": "Article 17(1)",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-08",
     "name": "Compliance Governance Evidence Package",
     "requirement_id": "Article 17 and Article 11",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-09",
     "name": "Non-Human Identity Layer Evidence Package",
     "requirement_id": "Art. 17",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "DE-09",
     "name": "Delegation Layer Evidence Package",
     "requirement_id": "Art. 17",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IF-09",
     "name": "Identity Federation Layer Evidence Package",
     "requirement_id": "Art. 17",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IM-09",
     "name": "Identity Monitoring Layer Evidence Package",
     "requirement_id": "Art. 17",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AA-03",
     "name": "mTLS and Certificate-Based Agent Authentication",
     "requirement_id": "Art. 15(5)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AA-06",
     "name": "Cross-System Authentication Chaining",
     "requirement_id": "Art. 13",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AA-07",
     "name": "Authentication Failure Monitoring and Alerting",
     "requirement_id": "Art. 12",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AA-08",
     "name": "Agent Authentication Evidence Package",
     "requirement_id": "Art. 17",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-01",
     "name": "Authorized Action Scope Manifest",
     "requirement_id": "Article 9(2)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-02",
     "name": "Tool-Call Authorization Policy",
     "requirement_id": "Article 14 — Human Oversight",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-03",
     "name": "Action Reversibility Classification and Gates",
     "requirement_id": "Article 14(4) — Human Override",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-04",
     "name": "Output Policy Enforcement",
     "requirement_id": "Article 10(3) — Data Governance",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-05",
     "name": "Prompt Injection Detection and Defense",
     "requirement_id": "Article 15 — Accuracy, Robustness, Cybersecurity",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AB-07",
     "name": "Behavioral Drift Monitoring",
     "requirement_id": "Art. 9(2)(d) & Art. 72",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-08",
     "name": "BehavioralAttestation Production",
     "requirement_id": "Article 11 — Technical Documentation",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-01",
     "name": "Tool and Plugin Registry",
     "requirement_id": "Art. 11 & 17",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-02",
     "name": "Tool Permission Scoping",
     "requirement_id": "Art. 9 Risk Management System",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-05",
     "name": "Dangerous and Irreversible Tool Access Controls",
     "requirement_id": "Art. 14 Human Oversight",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-06",
     "name": "Third-Party Plugin Vetting and Sandboxing",
     "requirement_id": "Art. 17 & 25 Third-Party Obligations",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-07",
     "name": "Tool Usage Audit Trail",
     "requirement_id": "Art. 12 Record-Keeping",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-08",
     "name": "Tool Governance Evidence Package",
     "requirement_id": "Art. 11 & Art. 18",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AO-01",
     "name": "Multi-Agent Trust Chain Documentation",
     "requirement_id": "Article 13",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-02",
     "name": "Sub-Agent Authorization and Capability Delegation",
     "requirement_id": "Article 9",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-04",
     "name": "Human-in-the-Loop Gates for High-Consequence Orchestrations",
     "requirement_id": "Article 14",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AO-06",
     "name": "Cross-Organization Orchestration Trust Governance",
     "requirement_id": "Art. 25 & Art. 26",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AO-07",
     "name": "Orchestration Audit Trail",
     "requirement_id": "Article 12",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AO-08",
     "name": "Orchestration Governance Evidence Package",
     "requirement_id": "Article 11",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-01",
     "name": "Behavioral Telemetry Collection Baseline",
     "requirement_id": "Art. 12(1)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-03",
     "name": "Goal Drift and Intent Deviation Detection",
     "requirement_id": "Art. 9(2)(a)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AM-04",
     "name": "Resource Consumption Anomaly Monitoring",
     "requirement_id": "Art. 9(4) — Risk Management Measures",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AM-06",
     "name": "Monitoring Log Integrity",
     "requirement_id": "Art. 19 & Art. 26(6)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-07",
     "name": "Real-Time Alerting and Automated Agent Suspension",
     "requirement_id": "Art. 73",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AM-08",
     "name": "Monitoring Coverage Evidence Package",
     "requirement_id": "Art. 17",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-09",
     "name": "Action Effect Reconciliation",
     "requirement_id": "Art. 14",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-01",
     "name": "Agentic AI Governance Structure",
     "requirement_id": "Art. 26",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-02",
     "name": "Agent Deployment Policy and Pre-Deployment Review Gate",
     "requirement_id": "Art. 9",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-03",
     "name": "Agentic AI Risk Assessment Framework",
     "requirement_id": "Art. 9 and Annex III",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-04",
     "name": "Senior Accountability for Autonomous AI Systems",
     "requirement_id": "Art. 26",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-05",
     "name": "Agent Incident Response Program",
     "requirement_id": "Art. 73",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-06",
     "name": "Agent Program Metrics and KPIs",
     "requirement_id": "Art. 72",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AG-08",
     "name": "BehavioralAttestation Production",
     "requirement_id": "Art. 18",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EF-02",
     "name": "Values-to-Design Mapping",
     "requirement_id": "Art. 9 (Risk Management), Art. 13 (Transparency)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-03",
     "name": "Ethical Risk Appetite Definition",
     "requirement_id": "Art. 9(4), Art. 9(5)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-04",
     "name": "Ethics Impact Assessment Framework",
     "requirement_id": "Art. 9, Art. 27",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EF-05",
     "name": "EU AI Act Prohibited Practices Governance (Art. 5)",
     "requirement_id": "Art. 5",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EF-06",
     "name": "Ethics-by-Design Integration in Development Lifecycle",
     "requirement_id": "Art. 9, Art. 17",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-07",
     "name": "External Ethics Stakeholder Engagement",
     "requirement_id": "Art. 27, Recital 96",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-08",
     "name": "Ethics Foundations Evidence Package",
     "requirement_id": "Art. 11, Art. 18",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-01",
     "name": "Protected Characteristic Identification and Scope",
     "requirement_id": "Art. 10(5)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-02",
     "name": "Algorithmic Bias Impact Assessment",
     "requirement_id": "Art. 9(2)(b)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-03",
     "name": "Fairness Metric Selection and Justification",
     "requirement_id": "Annex IV §2(g)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FA-04",
     "name": "Independent Bias Testing Methodology",
     "requirement_id": "Art. 9(6)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-05",
     "name": "NYC Local Law 144 and Analogous Audit Compliance",
     "requirement_id": "Art. 26",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FA-06",
     "name": "Disparate Impact Analysis",
     "requirement_id": "Art. 10(5)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-07",
     "name": "Bias Remediation Governance",
     "requirement_id": "Art. 9(1)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-08",
     "name": "Fairness and Accountability Evidence Package",
     "requirement_id": "Art. 11 + Annex IV",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-01",
     "name": "Explainability Method Selection and Justification",
     "requirement_id": "Art. 13",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-02",
     "name": "Decision-Level Explanation Requirements",
     "requirement_id": "Art. 13, Art. 86",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-03",
     "name": "Explanation Fidelity and Accuracy Verification",
     "requirement_id": "Art. 9(8)",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "XP-04",
     "name": "Adverse Action Notice and Explanation (ECOA/Reg B, FCRA)",
     "requirement_id": "Art. 86",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-05",
     "name": "Model Card and System Card Transparency Disclosure",
     "requirement_id": "Art. 11, Annex IV",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-06",
     "name": "Technical vs. Non-Technical Explanation Tiers",
     "requirement_id": "Art. 13, Art. 86",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-07",
     "name": "Explanation Completeness and Coverage Auditing",
     "requirement_id": "Art. 9, Art. 72",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-08",
     "name": "Explainability Evidence Package",
     "requirement_id": "Art. 11, Art. 17, Art. 18",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-01",
     "name": "Fundamental Rights Impact Assessment Content Governance",
     "requirement_id": "Art. 27",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-02",
     "name": "Human Dignity and Autonomy Preservation",
     "requirement_id": "Art. 5(1)(b)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-03",
     "name": "Vulnerable Population Protection",
     "requirement_id": "Art. 9(2)(b)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-04",
     "name": "Human Oversight and Override Mechanisms",
     "requirement_id": "Art. 14",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-05",
     "name": "Remedy and Redress Mechanisms",
     "requirement_id": "Art. 85",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-06",
     "name": "Consent and Agency Preservation for AI Interactions",
     "requirement_id": "Art. 50",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-07",
     "name": "Child and Minors Safety Controls",
     "requirement_id": "Art. 5(1)(a)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-08",
     "name": "Human Interests Evidence Package",
     "requirement_id": "Art. 18",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-01",
     "name": "Production Fairness Monitoring Program",
     "requirement_id": "Art. 9(8)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-02",
     "name": "Disparate Outcome Threshold Governance",
     "requirement_id": "Art. 10(2)(f)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-03",
     "name": "Statistical Parity and Equalized Odds Monitoring",
     "requirement_id": "Art. 9(8)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-04",
     "name": "Feedback Loop and Reinforcement Bias Detection",
     "requirement_id": "Art. 9(2)(b)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-05",
     "name": "Fairness Incident Response Program",
     "requirement_id": "Art. 73",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-06",
     "name": "AI Performance Divergence by Demographic Group",
     "requirement_id": "Art. 10(2)(f)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-07",
     "name": "Fairness Monitoring Audit Trail",
     "requirement_id": "Art. 12",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-08",
     "name": "Fairness Monitoring Evidence Package",
     "requirement_id": "Art. 11",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-01",
     "name": "Ethics Governance Structure",
     "requirement_id": "Art. 9",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-02",
     "name": "AI Ethics Policy Framework",
     "requirement_id": "Art. 9, Art. 13",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-03",
     "name": "Senior and Board-Level Ethics Accountability",
     "requirement_id": "Art. 9",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-04",
     "name": "Ethics Training and Capability Building",
     "requirement_id": "Art. 4",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-05",
     "name": "Third-Party AI Provider Ethics Accountability",
     "requirement_id": "Art. 26",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-06",
     "name": "Ethics Incident Response",
     "requirement_id": "Art. 73",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-07",
     "name": "Ethics Program Metrics and Effectiveness Measurement",
     "requirement_id": "Art. 9(4)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-08",
     "name": "EthicsAttestation Production",
     "requirement_id": "Art. 43",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MR-01",
     "name": "SR 26-2 Model Inventory and Risk Tiering",
     "requirement_id": "Art. 49",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MR-02",
     "name": "Model Risk Governance Policy Framework",
     "requirement_id": "Art. 9",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MR-03",
     "name": "Pre-Deployment Model Risk Assessment",
     "requirement_id": "Art. 9(6)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MR-04",
     "name": "Model Risk Appetite and Material Model Thresholds",
     "requirement_id": "Art. 9(2)",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-05",
     "name": "Ongoing Model Risk Monitoring",
     "requirement_id": "Art. 72",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MR-06",
     "name": "Third-Party and Vendor AI Model Risk Management",
     "requirement_id": "Art. 25",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MR-07",
     "name": "Emerging Model Risk Identification",
     "requirement_id": "Art. 9(2)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MR-08",
     "name": "Model Risk Evidence Package",
     "requirement_id": "Art. 11",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MV-01",
     "name": "Independent Validation Function Charter",
     "requirement_id": "Art. 9(1)",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-02",
     "name": "Conceptual Soundness Assessment",
     "requirement_id": "Art. 10",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-03",
     "name": "Outcome Analysis and Backtesting",
     "requirement_id": "Art. 9(6)-(8), Art. 15",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-04",
     "name": "Benchmarking and Challenger Models",
     "requirement_id": "Art. 9(6)",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-05",
     "name": "Validation Frequency and Trigger-Based Review",
     "requirement_id": "Art. 9(2), 9(6)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MV-06",
     "name": "Validation Scope for AI/ML and LLM Models",
     "requirement_id": "Art. 9 & 10",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MV-07",
     "name": "Validation Finding Escalation and Remediation",
     "requirement_id": "Art. 9(2)(d)",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-08",
     "name": "Model Validation Evidence Package",
     "requirement_id": "Art. 11 & 18",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FD-01",
     "name": "AI-Driven Decision Transparency and Auditability",
     "requirement_id": "Art. 13",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FD-02",
     "name": "ECOA/Reg B Adverse Action Notice for AI Decisions",
     "requirement_id": "Art. 86",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FD-03",
     "name": "Fair Lending AI Explainability",
     "requirement_id": "Art. 10",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FD-05",
     "name": "Financial Consumer Notification and Rights",
     "requirement_id": "Art. 50",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FD-06",
     "name": "AI System Disclosure in Financial Filings",
     "requirement_id": "Art. 53",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-07",
     "name": "Model Transparency Dashboard for Senior Management",
     "requirement_id": "Art. 9 — Risk Management System",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-08",
     "name": "Financial Disclosure Evidence Package",
     "requirement_id": "Art. 18",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-02",
     "name": "AI-Generated Output Materiality Assessment",
     "requirement_id": "Art. 9, Annex III point 5(b)",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FC-04",
     "name": "Change Management Controls for Financial AI Systems",
     "requirement_id": "Art. 9(4), Art. 15",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-05",
     "name": "Access Controls for Financial AI Systems",
     "requirement_id": "Art. 15",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-06",
     "name": "AI Operational Error and Financial Exception Management",
     "requirement_id": "Art. 73",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-07",
     "name": "Financial Data Integrity Monitoring",
     "requirement_id": "Art. 10(3)",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-08",
     "name": "Financial Controls Evidence Package",
     "requirement_id": "Art. 18, Annex IV",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-01",
     "name": "AI Use Policy for Financial Decision-Making",
     "requirement_id": "Art. 9",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FP-02",
     "name": "Prohibited AI Use Cases in Financial Services",
     "requirement_id": "Art. 5 & Annex III",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FP-03",
     "name": "Financial AI Risk Appetite Statement",
     "requirement_id": "Art. 9(4)",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-04",
     "name": "AI Procurement and Vendor Management Policy for Finance",
     "requirement_id": "Art. 25",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FP-05",
     "name": "Data Governance Policy for Financial AI",
     "requirement_id": "Art. 10",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FP-06",
     "name": "Financial AI Change Control Policy",
     "requirement_id": "Art. 9(4) & Art. 43",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-07",
     "name": "AI Exception and Escalation Policy",
     "requirement_id": "Art. 14",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FP-08",
     "name": "Financial Policy Evidence Package",
     "requirement_id": "Art. 11 & 18",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-01",
     "name": "Finance AI Governance Structure",
     "requirement_id": "Art. 9",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-02",
     "name": "Senior and Named Accountability for Financial AI Decisions",
     "requirement_id": "Art. 16",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-03",
     "name": "Board-Level Oversight of Financial AI Risk",
     "requirement_id": "Art. 9(2)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-04",
     "name": "Regulatory Relationship Management",
     "requirement_id": "Art. 26(5)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-05",
     "name": "Finance AI Incident Response Integration",
     "requirement_id": "Art. 73",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-07",
     "name": "Annual AI Governance Review",
     "requirement_id": "Art. 9(6)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-08",
     "name": "FinanceAttestation Production",
     "requirement_id": "Art. 11",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PV-01",
     "name": "Operating Intent Declaration",
     "requirement_id": "Art. 9 — Risk management system",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-02",
     "name": "Operating Intent Boundary Validation",
     "requirement_id": "Art. 9 — Risk management system",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-03",
     "name": "Intended Purpose Alignment Review",
     "requirement_id": "Art. 9 — Risk management system",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-06",
     "name": "Operating Context Change Management",
     "requirement_id": "Art. 9 — Risk management system",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-07",
     "name": "Deployment Scope Attestation",
     "requirement_id": "Art. 13 — Transparency and provision of information to deployers",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-09",
     "name": "Principal Verification Layer Evidence Package",
     "requirement_id": "Art. 17",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PA-04",
     "name": "Principal Accountability Binding",
     "requirement_id": "Art. 25 / Art. 26 — Responsibilities along the AI value chain; obligations of deployers of high-risk AI systems",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-09",
     "name": "Authority Scope Layer Evidence Package",
     "requirement_id": "Art. 17",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PO-05",
     "name": "Data Use Policy Enforcement",
     "requirement_id": "Art. 10 — Data and data governance",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-09",
     "name": "Policy Obligation Layer Evidence Package",
     "requirement_id": "Art. 17",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PR-09",
     "name": "Procurement Governance Layer Evidence Package",
     "requirement_id": "Art. 17",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PG-09",
     "name": "Policy Governance Layer Evidence Package",
     "requirement_id": "Art. 17",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PE-02",
     "name": "Regulatory Disclosure Readiness",
     "requirement_id": "Art. 13 — Transparency and provision of information to deployers",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KS-01",
     "name": "Knowledge Source Authorization Register",
     "requirement_id": "Art. 10(3)",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KS-03",
     "name": "Source Currency and Maximum Age Policy",
     "requirement_id": "Art. 10(3)",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KS-04",
     "name": "Source Provenance Documentation",
     "requirement_id": "Art. 10(2)(b)",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KS-06",
     "name": "Knowledge Domain Boundary Definition",
     "requirement_id": "Art. 9(2)",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KS-07",
     "name": "Source Attribution and Citation Disclosure Requirements",
     "requirement_id": "Art. 13(1)",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KS-08",
     "name": "Knowledge Sources Evidence Package",
     "requirement_id": "Art. 11",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KI-01",
     "name": "Ingestion Pipeline Authorization",
     "requirement_id": "Art. 10(2)(f)–(g)",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KI-02",
     "name": "Knowledge Poisoning Detection and Prevention",
     "requirement_id": "Art. 10(2)(f)",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KI-04",
     "name": "Content Sensitivity Classification at Ingestion",
     "requirement_id": "Art. 10(5)",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KI-05",
     "name": "Copyright and License Compliance at Ingestion",
     "requirement_id": "Art. 53(1)(c)–(d)",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KI-06",
     "name": "Pre-Ingestion Content Quality Gates",
     "requirement_id": "Art. 10(3)",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KI-07",
     "name": "Ingestion Audit Trail",
     "requirement_id": "Art. 12",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KI-08",
     "name": "Knowledge Ingestion Evidence Package",
     "requirement_id": "Art. 18",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KR-02",
     "name": "Grounding Completeness Requirements",
     "requirement_id": "Art. 13",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KR-03",
     "name": "Citation Fidelity and Accuracy Enforcement",
     "requirement_id": "Art. 13(3)",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KR-04",
     "name": "Retrieval Hallucination Detection",
     "requirement_id": "Art. 9",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KR-05",
     "name": "Retrieval Permission Verification",
     "requirement_id": "Art. 15",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KR-07",
     "name": "Retrieval Audit Trail",
     "requirement_id": "Art. 17",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KR-08",
     "name": "Knowledge Retrieval Evidence Package",
     "requirement_id": "Art. 17",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-01",
     "name": "Knowledge Staleness Classification Policy",
     "requirement_id": "Art. 10(3)",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-02",
     "name": "Automated Staleness Detection",
     "requirement_id": "Art. 10(3)",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-03",
     "name": "Knowledge Refresh Scheduling and Execution",
     "requirement_id": "Art. 9(2)",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-04",
     "name": "Knowledge Version Control and Change History",
     "requirement_id": "Art. 12(1)",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-05",
     "name": "Knowledge Cutoff Date Disclosure to Users",
     "requirement_id": "Art. 13(1)",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-06",
     "name": "Domain-Specific Currency Requirements",
     "requirement_id": "Art. 10(2)(b)",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KC-07",
     "name": "Emergency Knowledge Update Procedures",
     "requirement_id": "Art. 72",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-08",
     "name": "Knowledge Currency Evidence Package",
     "requirement_id": "Art. 18",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-01",
     "name": "Knowledge Asset Lifecycle Governance",
     "requirement_id": "Art. 10(3)",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KM-02",
     "name": "Knowledge Base Segmentation and Access Control",
     "requirement_id": "Art. 15",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KM-04",
     "name": "Knowledge Archival and Retention Policy",
     "requirement_id": "Art. 12(1) — Record-keeping",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-05",
     "name": "Knowledge-to-Output Lineage Tracking",
     "requirement_id": "Art. 13(1) — Transparency",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-06",
     "name": "Knowledge Impact Assessment Before Major Changes",
     "requirement_id": "Art. 9(2) — Risk management system",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-08",
     "name": "Knowledge Management Evidence Package",
     "requirement_id": "Art. 17(1) — Quality Management",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-01",
     "name": "Knowledge Governance Structure",
     "requirement_id": "Art. 9 — Risk Management System",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KG-02",
     "name": "AI Knowledge Substrate Policy Framework",
     "requirement_id": "Art. 10 — Data and data governance",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-03",
     "name": "Senior Accountability for Knowledge Quality and Safety",
     "requirement_id": "Art. 9 and Art. 17",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-04",
     "name": "Knowledge Risk Assessment",
     "requirement_id": "Art. 9 — Risk management system",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-05",
     "name": "External Knowledge Provider Governance",
     "requirement_id": "Art. 10 and Art. 25",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-06",
     "name": "Knowledge Incident Response",
     "requirement_id": "Art. 73 — Reporting of serious incidents",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-07",
     "name": "Knowledge Program Metrics and Effectiveness Reporting",
     "requirement_id": "Art. 9 — Risk management: monitoring effectiveness",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KG-08",
     "name": "KnowledgeAttestation Production",
     "requirement_id": "Art. 17 — Quality management system; Art. 47 — EU declaration of conformity",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DX-01",
     "name": "Data Sensitivity Classification Framework for AI",
     "requirement_id": "Art. 10(3)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DX-05",
     "name": "Third-Party Data Sharing Agreements and Controls",
     "requirement_id": "Art. 23-24",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DX-08",
     "name": "Data Exchange Evidence Package",
     "requirement_id": "Art. 11 + Annex IV",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-01",
     "name": "Data Integrity Baseline and Checksum Monitoring",
     "requirement_id": "Art. 10(2)(e)",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DI-02",
     "name": "Tamper Detection for AI Inference Inputs",
     "requirement_id": "Art. 15",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-04",
     "name": "AI Output Data Integrity Verification",
     "requirement_id": "Art. 15",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-05",
     "name": "Database and Storage Integrity Monitoring",
     "requirement_id": "Art. 9(2)(a)",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DI-06",
     "name": "Model Memorization Risk Assessment and Output Leakage Prevention",
     "requirement_id": "Art. 10(5)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-07",
     "name": "Data Integrity Incident Response",
     "requirement_id": "Art. 73",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-08",
     "name": "Data Integrity Evidence Package",
     "requirement_id": "Art. 11 & Annex IV",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-01",
     "name": "AI Data Asset Inventory and Cataloging",
     "requirement_id": "Art. 10(2)(a)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-03",
     "name": "Data Retention and Disposal Governance",
     "requirement_id": "Art. 10(5)",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DM-05",
     "name": "Data Quality Standards and Target Setting",
     "requirement_id": "Art. 10(3)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-06",
     "name": "Data Schema Governance and Breaking Change Control",
     "requirement_id": "Art. 10(2)",
     "fit": "adjacent"
    },
    {
     "domain": "data",
     "control": "DM-07",
     "name": "Synthetic Data Governance",
     "requirement_id": "Art. 10(2)(f)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-08",
     "name": "Data Management Evidence Package",
     "requirement_id": "Art. 11",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-01",
     "name": "End-to-End Data Lineage Tracking",
     "requirement_id": "Art. 10(2)(b)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-02",
     "name": "Training Data Lineage Documentation",
     "requirement_id": "Art. 10(2)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-03",
     "name": "Inference-Time Data Lineage (Per-Decision Provenance)",
     "requirement_id": "Art. 12(1)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-04",
     "name": "Transformation and Enrichment Lineage",
     "requirement_id": "Art. 10(2)(c)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-05",
     "name": "Data Lineage Completeness Auditing",
     "requirement_id": "Art. 17(1)(f)",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DL-06",
     "name": "Data Lineage for Regulatory and Legal Purposes",
     "requirement_id": "Art. 18",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-08",
     "name": "Data Lineage Evidence Package",
     "requirement_id": "Art. 11 & Art. 18",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-03",
     "name": "Consent-Based Data Access Controls",
     "requirement_id": "Art. 10(5)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-08",
     "name": "Data Access Evidence Package",
     "requirement_id": "Art. 11, Art. 17",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-01",
     "name": "Schema Validation for AI Inputs",
     "requirement_id": "Art. 10(3)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-02",
     "name": "Data Quality Gate Enforcement",
     "requirement_id": "Art. 10(3)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-03",
     "name": "Statistical Distribution Validation",
     "requirement_id": "Art. 9(6)-(8)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-04",
     "name": "AI Output Validation Rules",
     "requirement_id": "Art. 15",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-05",
     "name": "Validation Exception Management",
     "requirement_id": "Art. 9(1)",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DV-06",
     "name": "Validation Pipeline Monitoring",
     "requirement_id": "Art. 9(6)-(8)",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DV-08",
     "name": "DataGovernanceAttestation Production",
     "requirement_id": "Art. 11 & 12",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "security",
     "control": "IA-06",
     "name": "Bind a signed, end-to-end provenance chain to every agent action",
     "relationship": "normative_requirement"
    },
    {
     "domain": "security",
     "control": "IA-06",
     "name": "Bind a signed, end-to-end provenance chain to every agent action",
     "relationship": "normative_requirement"
    },
    {
     "domain": "security",
     "control": "GV-02",
     "name": "Keep an immutable, tamper-evident audit trail of what the agent did",
     "relationship": "normative_requirement"
    },
    {
     "domain": "security",
     "control": "GV-02",
     "name": "Keep an immutable, tamper-evident audit trail of what the agent did",
     "relationship": "normative_requirement"
    },
    {
     "domain": "security",
     "control": "AS-03",
     "name": "Gate releases on continuous adversarial validation",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "LI-04",
     "name": "Structured Model Documentation — Complete Model Card with All Required Sections",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "LI-06",
     "name": "Immutable Version Control with Tested Rollback and Emergency Disable",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "LI-07",
     "name": "Capability and Limitation Declaration — Intended Use, Constraints,...",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "LI-09",
     "name": "Material-Change Determination and Authorization Gate",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "LI-10",
     "name": "Model Retirement and Archive Policy — End-of-Life Procedure, Evidence...",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "TG-01",
     "name": "Training Data Quality Gates",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "TG-02",
     "name": "Bias and Representativeness Assessment",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "TG-03",
     "name": "Data Rights, Lawful Authority and Permitted Use",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "TG-06",
     "name": "Sensitive-Data Necessity, Minimization and Controlled Use",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "TG-07",
     "name": "Third-Party Dataset Governance",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "TG-08",
     "name": "Dataset Retention, Deletion and Lifecycle",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "EV-01",
     "name": "Pre-Deployment Evaluation Gate",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "EV-02",
     "name": "Fitness, Safety, Reliability and Policy-Conformance Evaluation",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "EV-03",
     "name": "Dangerous Capability Threshold Assessment",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "EV-04",
     "name": "Adversarial Red-Team Testing",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "EV-05",
     "name": "Fairness and Bias Evaluation",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "EV-07",
     "name": "Regression Testing on Updates",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "EV-08",
     "name": "Independent Validation",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "EV-09",
     "name": "Risk and Applicability Classification",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "EV-10",
     "name": "Evaluation Result Provenance",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "OA-01",
     "name": "Model Ownership Assignment",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "OA-02",
     "name": "Meaningful Human Oversight for High-Stakes Decisions",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "OA-03",
     "name": "AI Model Governance Committee",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "OA-05",
     "name": "Regulatory and Legal Review Sign-Off",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "OA-07",
     "name": "Incident Escalation Authority Chain",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "OA-08",
     "name": "Notice, Explanation Support, Human Review and Contestability",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "BH-03",
     "name": "Production Performance Degradation Alerting",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "BH-05",
     "name": "Usage Telemetry and Decision Logging",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "BH-09",
     "name": "Synthetic-Content Provenance, Disclosure and Traceability",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "CR-01",
     "name": "Continuous Production Monitoring and Risk Aggregation",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "CR-02",
     "name": "Model Evidence Archive and Audit Trail",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "CR-03",
     "name": "Scheduled Model Re-validation",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "CR-04",
     "name": "AI Incident Response Management",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "CR-05",
     "name": "Regulatory Notification and Statutory Reporting",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "CR-06",
     "name": "Post-Market Surveillance",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "CR-07",
     "name": "Model Retirement and Evidence Archival",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DG-05",
     "name": "DPIA Lifecycle Management",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DS-05",
     "name": "Automated Decision Explanation Rights",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DP-02",
     "name": "Pseudonymization Implementation",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DP-06",
     "name": "Synthetic Data Governance",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PC-06",
     "name": "AI Privacy Impact Assessment",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PC-08",
     "name": "PrivacyAttestation [BASELINE]",
     "relationship": "normative_requirement"
    },
    {
     "domain": "identity",
     "control": "IC-05",
     "name": "Identity Compliance Mapping",
     "relationship": "normative_requirement"
    },
    {
     "domain": "agentic",
     "control": "AM-09",
     "name": "Action Effect Reconciliation",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PV-01",
     "name": "Operating Intent Declaration",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PV-02",
     "name": "Operating Intent Boundary Validation",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PV-03",
     "name": "Intended Purpose Alignment Review",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PV-06",
     "name": "Operating Context Change Management",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PV-07",
     "name": "Deployment Scope Attestation",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PA-04",
     "name": "Principal Accountability Binding",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PO-05",
     "name": "Data Use Policy Enforcement",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PE-02",
     "name": "Regulatory Disclosure Readiness",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PE-02",
     "name": "Regulatory Disclosure Readiness",
     "relationship": "normative_requirement"
    },
    {
     "domain": "knowledge",
     "control": "KS-03",
     "name": "Source Currency and Maximum Age Policy",
     "relationship": "normative_requirement"
    },
    {
     "domain": "knowledge",
     "control": "KI-01",
     "name": "Ingestion Pipeline Authorization",
     "relationship": "normative_requirement"
    },
    {
     "domain": "knowledge",
     "control": "KI-06",
     "name": "Pre-Ingestion Content Quality Gates",
     "relationship": "normative_requirement"
    },
    {
     "domain": "knowledge",
     "control": "KI-07",
     "name": "Ingestion Audit Trail",
     "relationship": "normative_requirement"
    },
    {
     "domain": "knowledge",
     "control": "KI-08",
     "name": "Knowledge Ingestion Evidence Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "knowledge",
     "control": "KR-07",
     "name": "Retrieval Audit Trail",
     "relationship": "normative_requirement"
    },
    {
     "domain": "knowledge",
     "control": "KR-08",
     "name": "Knowledge Retrieval Evidence Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "knowledge",
     "control": "KC-01",
     "name": "Knowledge Staleness Classification Policy",
     "relationship": "normative_requirement"
    },
    {
     "domain": "knowledge",
     "control": "KC-06",
     "name": "Domain-Specific Currency Requirements",
     "relationship": "normative_requirement"
    },
    {
     "domain": "knowledge",
     "control": "KC-07",
     "name": "Emergency Knowledge Update Procedures",
     "relationship": "normative_requirement"
    },
    {
     "domain": "knowledge",
     "control": "KM-01",
     "name": "Knowledge Asset Lifecycle Governance",
     "relationship": "normative_requirement"
    },
    {
     "domain": "knowledge",
     "control": "KM-04",
     "name": "Knowledge Archival and Retention Policy",
     "relationship": "normative_requirement"
    },
    {
     "domain": "knowledge",
     "control": "KM-08",
     "name": "Knowledge Management Evidence Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "knowledge",
     "control": "KG-01",
     "name": "Knowledge Governance Structure",
     "relationship": "normative_requirement"
    },
    {
     "domain": "knowledge",
     "control": "KG-02",
     "name": "AI Knowledge Substrate Policy Framework",
     "relationship": "normative_requirement"
    },
    {
     "domain": "knowledge",
     "control": "KG-03",
     "name": "Senior Accountability for Knowledge Quality and Safety",
     "relationship": "normative_requirement"
    },
    {
     "domain": "knowledge",
     "control": "KG-04",
     "name": "Knowledge Risk Assessment",
     "relationship": "normative_requirement"
    },
    {
     "domain": "knowledge",
     "control": "KG-06",
     "name": "Knowledge Incident Response",
     "relationship": "normative_requirement"
    },
    {
     "domain": "knowledge",
     "control": "KG-07",
     "name": "Knowledge Program Metrics and Effectiveness Reporting",
     "relationship": "normative_requirement"
    },
    {
     "domain": "knowledge",
     "control": "KG-08",
     "name": "KnowledgeAttestation Production",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DX-08",
     "name": "Data Exchange Evidence Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DI-07",
     "name": "Data Integrity Incident Response",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DM-03",
     "name": "Data Retention and Disposal Governance",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DM-08",
     "name": "Data Management Evidence Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DL-03",
     "name": "Inference-Time Data Lineage (Per-Decision Provenance)",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DL-06",
     "name": "Data Lineage for Regulatory and Legal Purposes",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DL-08",
     "name": "Data Lineage Evidence Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DA-08",
     "name": "Data Access Evidence Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DV-08",
     "name": "DataGovernanceAttestation Production",
     "relationship": "normative_requirement"
    }
   ],
   "by_domain": {
    "security": 4,
    "model": 47,
    "privacy": 6,
    "compliance": 45,
    "identity": 4,
    "agentic": 37,
    "ethics": 47,
    "finance": 44,
    "authority": 13,
    "knowledge": 41,
    "data": 32
   },
   "title": "EU AI Act",
   "total": 407
  },
  {
   "source_id": "iso_42001",
   "framework_refs": [
    {
     "domain": "security",
     "control": "IA-01",
     "name": "Give every agent its own distinct identity, never a shared or human login",
     "requirement_id": "ISO/IEC 42001 A.9.2 (responsible use of AI systems)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "requirement_id": "ISO/IEC 42001 A.9.2 (responsible use of AI systems)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "IA-03",
     "name": "Act on the user's behalf with explicit approval for sensitive steps",
     "requirement_id": "ISO/IEC 42001 A.9.2 (responsible use of AI systems)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "IA-04",
     "name": "Check permission continuously at run time, not just once at login",
     "requirement_id": "ISO/IEC 42001 A.9.2 (responsible use of AI systems)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "IA-05",
     "name": "Find and inventory every agent, surface the shadow ones",
     "requirement_id": "ISO/IEC 42001 A.4.2 (resource documentation)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "IA-06",
     "name": "Bind a signed, end-to-end provenance chain to every agent action",
     "requirement_id": "ISO/IEC 42001 A.6.2.8 (AI system recording of event logs)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-01",
     "name": "Run the agent in a sandbox, from process isolation up to micro-VMs",
     "requirement_id": "ISO/IEC 42001 A.4.5 (system and computing resources)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-02",
     "name": "Filter the agent's outbound network traffic",
     "requirement_id": "ISO/IEC 42001 A.6.2.6 (AI system operation and monitoring)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-03",
     "name": "Keep memory short-lived, and validate anything written to it",
     "requirement_id": "ISO/IEC 42001 A.7.4 (quality of data for AI systems)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-04",
     "name": "Limit filesystem and tool access to the bare minimum",
     "requirement_id": "ISO/IEC 42001 A.4.4 (tooling resources)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-05",
     "name": "Cap spend and resource use, stop denial-of-wallet",
     "requirement_id": "ISO/IEC 42001 A.4.5 (system and computing resources)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-06",
     "name": "Contain runaway loops and over-reach (least-agency)",
     "requirement_id": "ISO/IEC 42001 A.9.2 (responsible use of AI systems)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-07",
     "name": "Trust-rank retrieved content before it enters the agent's context",
     "requirement_id": "ISO/IEC 42001 A.7.5 (data provenance)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-08",
     "name": "Keep secrets out of the prompt and context",
     "requirement_id": "ISO/IEC 42001 A.6.2.6 (AI system operation and monitoring)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-09",
     "name": "Treat the workspace and its config and hooks as untrusted",
     "requirement_id": "ISO/IEC 42001 A.4.4 (tooling resources)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "PT-01",
     "name": "Authenticate and sign agent-to-agent communication",
     "requirement_id": "ISO/IEC 42001 A.6.2.6 (AI system operation and monitoring)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "requirement_id": "ISO/IEC 42001 A.4.4 (tooling resources)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "PT-03",
     "name": "Verify skill/tool manifest integrity and sign the supply chain",
     "requirement_id": "ISO/IEC 42001 A.10.3 (suppliers)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "PT-04",
     "name": "Validate tool input/output, treat tool results as untrusted",
     "requirement_id": "ISO/IEC 42001 A.6.2.4 (AI system verification and validation)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "PT-05",
     "name": "Encode and validate the agent's own output before it reaches other systems",
     "requirement_id": "ISO/IEC 42001 A.6.2.4 (AI system verification and validation)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "PT-06",
     "name": "Sanitize model-generated tool parameters, not just the schema",
     "requirement_id": "ISO/IEC 42001 A.6.2.4 (AI system verification and validation)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "PT-07",
     "name": "Verify tool descriptions for hidden instructions (description injection)",
     "requirement_id": "ISO/IEC 42001 A.6.2.4 (AI system verification and validation)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-01",
     "name": "Require a human hard-stop for irreversible actions",
     "requirement_id": "ISO/IEC 42001 A.9.2 (responsible use of AI systems)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-02",
     "name": "Keep an immutable, tamper-evident audit trail of what the agent did",
     "requirement_id": "ISO/IEC 42001 A.6.2.8 (AI system recording of event logs)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-03",
     "name": "Define multi-agent authority and conflict resolution explicitly",
     "requirement_id": "ISO/IEC 42001 A.3.2 (AI roles and responsibilities)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-04",
     "name": "Enforce policy as code at run time, in the request path",
     "requirement_id": "ISO/IEC 42001 A.2.2 (AI policy)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-05",
     "name": "Run an AI management system and tier agents by their autonomy",
     "requirement_id": "ISO/IEC 42001 A.2.2 (AI policy); ISO/IEC 42005 (impact assessment)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-06",
     "name": "Cap the rate and volume of irreversible actions",
     "requirement_id": "ISO/IEC 42001 A.9.2 (responsible use of AI systems)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-07",
     "name": "Protect humans from being deceived by an agent",
     "requirement_id": "ISO/IEC 42001 A.8.2 (system documentation and information for users)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-08",
     "name": "Make high-impact actions transactional, atomic, idempotent, state-checked",
     "requirement_id": "ISO/IEC 42001 A.9.2 (responsible use of AI systems)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-09",
     "name": "Anchor a named business owner to every agent (accountability)",
     "requirement_id": "ISO/IEC 42001 A.3.2 (AI roles and responsibilities)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-10",
     "name": "Enable end-user responsibility and guard against automation bias",
     "requirement_id": "ISO/IEC 42001 A.9.2 (responsible use of AI systems)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "RT-01",
     "name": "Capture OS-level telemetry of what the agent actually does",
     "requirement_id": "ISO/IEC 42001 A.6.2.6 (AI system operation and monitoring)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "RT-02",
     "name": "Detect direct and indirect prompt injection at every input and output",
     "requirement_id": "ISO/IEC 42001 A.6.2.6 (AI system operation and monitoring)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "RT-03",
     "name": "Supervise the agent's reasoning and check it matches its actions",
     "requirement_id": "ISO/IEC 42001 A.6.2.6 (AI system operation and monitoring)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "RT-04",
     "name": "Detect anomalies and trigger pause, kill switch, or containment",
     "requirement_id": "ISO/IEC 42001 A.6.2.6 (AI system operation and monitoring)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "RT-05",
     "name": "Apply data-loss prevention to agent egress and interactions",
     "requirement_id": "ISO/IEC 42001 A.6.2.6 (AI system operation and monitoring)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "RT-06",
     "name": "Map AI-native threats, extend ATT&CK/ATLAS to agentic orchestration",
     "requirement_id": "ISO/IEC 42001 A.6.2.6 (AI system operation and monitoring; broad, does not codify tactical ATT&CK/ATLAS threat mapping)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "RT-07",
     "name": "Detect multi-agent collusion and covert channels",
     "requirement_id": "ISO/IEC 42001 A.6.2.6 (AI system operation and monitoring)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "RT-08",
     "name": "Monitor latent and representation-level signals, not just visible reasoning",
     "requirement_id": "ISO/IEC 42001 A.6.2.6 (AI system operation and monitoring)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "AS-01",
     "name": "Adversarially red-team and evaluate the agent before launch",
     "requirement_id": "ISO/IEC 42001 A.6.2.4 (AI system verification and validation)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "AS-02",
     "name": "Statically analyze agent skills and manifests in CI",
     "requirement_id": "ISO/IEC 42001 A.6.2.4 (AI system verification and validation)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "AS-03",
     "name": "Gate releases on continuous adversarial validation",
     "requirement_id": "ISO/IEC 42001 A.6.2.4 (AI system verification and validation)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "AS-04",
     "name": "Run a bug-bounty / vulnerability reward program for agentic abuse",
     "requirement_id": "ISO/IEC 42001 A.6.2.4 (AI system verification and validation)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "AS-05",
     "name": "Study frontier offensive capability before public release",
     "requirement_id": "ISO/IEC 42001 A.5.2 (AI system impact assessment process)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "AS-06",
     "name": "Verify model-weights and training-data provenance before load",
     "requirement_id": "ISO/IEC 42001 A.7.5 (data provenance)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "AS-07",
     "name": "Verify a skill does what it declares (behavioral integrity)",
     "requirement_id": "ISO/IEC 42001 A.6.2.4 (AI system verification and validation)",
     "fit": "adjacent"
    },
    {
     "domain": "model",
     "control": "LI-01",
     "name": "Unique Model Identity and Content-Addressed Version Hash",
     "requirement_id": "A.6.2.5",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "LI-02",
     "name": "Model Provenance Chain — Base Model, Fine-Tune, Merge, and Adapter Lineage",
     "requirement_id": "A.6.2.3",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "LI-03",
     "name": "Supply Chain Integrity — Third-Party Model Verification and Cryptographic...",
     "requirement_id": "A.10.3",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "LI-04",
     "name": "Structured Model Documentation — Complete Model Card with All Required Sections",
     "requirement_id": "A.6.2.3",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "LI-05",
     "name": "Training Data Lineage Pointer — Link from Model Registry to TG-Layer Dataset...",
     "requirement_id": "A.6.2.3",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "LI-06",
     "name": "Immutable Version Control with Tested Rollback and Emergency Disable",
     "requirement_id": "6.3",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "LI-07",
     "name": "Capability and Limitation Declaration — Intended Use, Constraints,...",
     "requirement_id": "A.9.4",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "LI-08",
     "name": "License and IP Governance — Dataset License Tracking, Derivative Work...",
     "requirement_id": "A.5.2",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "LI-09",
     "name": "Material-Change Determination and Authorization Gate",
     "requirement_id": "6.3",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "LI-10",
     "name": "Model Retirement and Archive Policy — End-of-Life Procedure, Evidence...",
     "requirement_id": "A.6.2.6",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-01",
     "name": "Training Data Quality Gates",
     "requirement_id": "A.7.4",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-02",
     "name": "Bias and Representativeness Assessment",
     "requirement_id": "A.7.4",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-03",
     "name": "Data Rights, Lawful Authority and Permitted Use",
     "requirement_id": "A.7.5",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-04",
     "name": "Data Poisoning Prevention",
     "requirement_id": "A.7.5",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-05",
     "name": "Train/Evaluation/Test Separation and Contamination Prevention",
     "requirement_id": "A.7.4",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-06",
     "name": "Sensitive-Data Necessity, Minimization and Controlled Use",
     "requirement_id": "A.7.2",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-07",
     "name": "Third-Party Dataset Governance",
     "requirement_id": "A.7.5",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-08",
     "name": "Dataset Retention, Deletion and Lifecycle",
     "requirement_id": "A.7.2",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-01",
     "name": "Pre-Deployment Evaluation Gate",
     "requirement_id": "A.6.2.4",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-02",
     "name": "Fitness, Safety, Reliability and Policy-Conformance Evaluation",
     "requirement_id": "A.6.2.4",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-03",
     "name": "Dangerous Capability Threshold Assessment",
     "requirement_id": "6.1",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-04",
     "name": "Adversarial Red-Team Testing",
     "requirement_id": "A.6.2.4",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-05",
     "name": "Fairness and Bias Evaluation",
     "requirement_id": "6.1.2",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-06",
     "name": "Reproducible Evaluation Design",
     "requirement_id": "A.6.2.4",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-07",
     "name": "Regression Testing on Updates",
     "requirement_id": "10.2",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-08",
     "name": "Independent Validation",
     "requirement_id": "9.2",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-09",
     "name": "Risk and Applicability Classification",
     "requirement_id": "6.1",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-10",
     "name": "Evaluation Result Provenance",
     "requirement_id": "7.5",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-01",
     "name": "Model Ownership Assignment",
     "requirement_id": "5.3",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-02",
     "name": "Meaningful Human Oversight for High-Stakes Decisions",
     "requirement_id": "6.1.2",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-03",
     "name": "AI Model Governance Committee",
     "requirement_id": "5.3",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-04",
     "name": "Delegated Autonomy Tier Governance",
     "requirement_id": "6.1.2",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-05",
     "name": "Regulatory and Legal Review Sign-Off",
     "requirement_id": "4.2",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-06",
     "name": "Third-Party Model and Vendor Risk Oversight",
     "requirement_id": "A.10.3",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-07",
     "name": "Incident Escalation Authority Chain",
     "requirement_id": "10.2",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-08",
     "name": "Notice, Explanation Support, Human Review and Contestability",
     "requirement_id": "A.8.5",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-01",
     "name": "Output Anomaly Detection",
     "requirement_id": "A.6.2.6",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-02",
     "name": "Concept and Data Drift Detection",
     "requirement_id": "A.6.2.6",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-03",
     "name": "Production Performance Degradation Alerting",
     "requirement_id": "A.6.2.6",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-04",
     "name": "Behavioral Boundary Performance Testing",
     "requirement_id": "A.6.2.6",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-05",
     "name": "Usage Telemetry and Decision Logging",
     "requirement_id": "7.5",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-06",
     "name": "Injection-Resistance Evaluation in Production",
     "requirement_id": "A.6.2.6",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-07",
     "name": "Resource and Cost Anomaly Monitoring",
     "requirement_id": "7.1",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-08",
     "name": "Shadow and Canary Deployment Governance",
     "requirement_id": "A.6.2.5",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-09",
     "name": "Synthetic-Content Provenance, Disclosure and Traceability",
     "requirement_id": "A.8.2",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-10",
     "name": "Feedback Loop Integrity and Online Learning Governance",
     "requirement_id": "A.7.2",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-01",
     "name": "Continuous Production Monitoring and Risk Aggregation",
     "requirement_id": "A.6.2.6",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-02",
     "name": "Model Evidence Archive and Audit Trail",
     "requirement_id": "7.5",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-03",
     "name": "Scheduled Model Re-validation",
     "requirement_id": "A.6.2.4",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-04",
     "name": "AI Incident Response Management",
     "requirement_id": "10.2",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-05",
     "name": "Regulatory Notification and Statutory Reporting",
     "requirement_id": "A.8.4",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-06",
     "name": "Post-Market Surveillance",
     "requirement_id": "A.6.2.6",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-07",
     "name": "Model Retirement and Evidence Archival",
     "requirement_id": "A.6.2.6",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-08",
     "name": "Cross-Domain Assurance Coordination",
     "requirement_id": "7.5",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-01",
     "name": "Regulatory Scope Determination",
     "requirement_id": "§4.1 (Understanding context)",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-09",
     "name": "Non-Human Identity Layer Evidence Package",
     "requirement_id": "§9.3",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "DE-09",
     "name": "Delegation Layer Evidence Package",
     "requirement_id": "§9.3",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IF-09",
     "name": "Identity Federation Layer Evidence Package",
     "requirement_id": "§9.3",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IM-09",
     "name": "Identity Monitoring Layer Evidence Package",
     "requirement_id": "§9.3",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AA-02",
     "name": "API Key and Bearer Token Lifecycle Management",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AA-04",
     "name": "Workload Identity for Agent Processes",
     "requirement_id": "§6.1",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AA-06",
     "name": "Cross-System Authentication Chaining",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AA-07",
     "name": "Authentication Failure Monitoring and Alerting",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AA-08",
     "name": "Agent Authentication Evidence Package",
     "requirement_id": "§9.2",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-01",
     "name": "Authorized Action Scope Manifest",
     "requirement_id": "§6.1.3 — AI risk treatment",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-03",
     "name": "Action Reversibility Classification and Gates",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-06",
     "name": "Rate Limiting and Resource Budget Enforcement",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-07",
     "name": "Behavioral Drift Monitoring",
     "requirement_id": "§9.1 — Monitoring and Measurement",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-08",
     "name": "BehavioralAttestation Production",
     "requirement_id": "§9.3 — Management Review",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-01",
     "name": "Tool and Plugin Registry",
     "requirement_id": "§7.1 — Resources",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AT-02",
     "name": "Tool Permission Scoping",
     "requirement_id": "§9.1 — Monitoring, measurement, analysis and evaluation",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AT-05",
     "name": "Dangerous and Irreversible Tool Access Controls",
     "requirement_id": "A.6.2.6 — AI system operation and monitoring (Annex A)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AT-06",
     "name": "Third-Party Plugin Vetting and Sandboxing",
     "requirement_id": "A.10.3 — Suppliers (Annex A)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-07",
     "name": "Tool Usage Audit Trail",
     "requirement_id": "§9.1 Monitoring, Measurement, Analysis and Evaluation",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-08",
     "name": "Tool Governance Evidence Package",
     "requirement_id": "§9.3 Management Review",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AO-01",
     "name": "Multi-Agent Trust Chain Documentation",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-03",
     "name": "Orchestration Message Integrity",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-04",
     "name": "Human-in-the-Loop Gates for High-Consequence Orchestrations",
     "requirement_id": "§9.1",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-05",
     "name": "Orchestration Loop and Escalation Detection",
     "requirement_id": "A.6.2.6 — AI system operation and monitoring (Annex A)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-06",
     "name": "Cross-Organization Orchestration Trust Governance",
     "requirement_id": "§4.2",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-07",
     "name": "Orchestration Audit Trail",
     "requirement_id": "§9.1",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-08",
     "name": "Orchestration Governance Evidence Package",
     "requirement_id": "§10.1 — Continual improvement",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-01",
     "name": "Behavioral Telemetry Collection Baseline",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-05",
     "name": "Multi-Agent Communication Monitoring",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AM-06",
     "name": "Monitoring Log Integrity",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-07",
     "name": "Real-Time Alerting and Automated Agent Suspension",
     "requirement_id": "§10.2 — Nonconformity and corrective action",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-08",
     "name": "Monitoring Coverage Evidence Package",
     "requirement_id": "§9.3",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-01",
     "name": "Agentic AI Governance Structure",
     "requirement_id": "§5.1",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-02",
     "name": "Agent Deployment Policy and Pre-Deployment Review Gate",
     "requirement_id": "§8.4",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-03",
     "name": "Agentic AI Risk Assessment Framework",
     "requirement_id": "§6.1",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-04",
     "name": "Senior Accountability for Autonomous AI Systems",
     "requirement_id": "§5.3",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-05",
     "name": "Agent Incident Response Program",
     "requirement_id": "§10.2 — Nonconformity and corrective action",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AG-06",
     "name": "Agent Program Metrics and KPIs",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-07",
     "name": "Continuous Improvement and Lessons Learned",
     "requirement_id": "§10.1 — Continual improvement",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-08",
     "name": "BehavioralAttestation Production",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EF-01",
     "name": "Ethics Principles Adoption and Operationalization",
     "requirement_id": "§6.1.2, §8.4",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EF-02",
     "name": "Values-to-Design Mapping",
     "requirement_id": "§8.3",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EF-03",
     "name": "Ethical Risk Appetite Definition",
     "requirement_id": "§6.1.1, §6.1.2",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EF-04",
     "name": "Ethics Impact Assessment Framework",
     "requirement_id": "§8.4, §9.1",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EF-05",
     "name": "EU AI Act Prohibited Practices Governance (Art. 5)",
     "requirement_id": "§8.4",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-06",
     "name": "Ethics-by-Design Integration in Development Lifecycle",
     "requirement_id": "§8.3",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EF-07",
     "name": "External Ethics Stakeholder Engagement",
     "requirement_id": "§4.2, §9.3",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-08",
     "name": "Ethics Foundations Evidence Package",
     "requirement_id": "§7.5, §9.2",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-01",
     "name": "Protected Characteristic Identification and Scope",
     "requirement_id": "§6.1.2",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-04",
     "name": "Independent Bias Testing Methodology",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-05",
     "name": "NYC Local Law 144 and Analogous Audit Compliance",
     "requirement_id": "§4.2",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FA-07",
     "name": "Bias Remediation Governance",
     "requirement_id": "§10.1",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-08",
     "name": "Fairness and Accountability Evidence Package",
     "requirement_id": "§9.3",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-01",
     "name": "Explainability Method Selection and Justification",
     "requirement_id": "§8.4",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-02",
     "name": "Decision-Level Explanation Requirements",
     "requirement_id": "§6.1.2",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-03",
     "name": "Explanation Fidelity and Accuracy Verification",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-04",
     "name": "Adverse Action Notice and Explanation (ECOA/Reg B, FCRA)",
     "requirement_id": "§8.4",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-05",
     "name": "Model Card and System Card Transparency Disclosure",
     "requirement_id": "§7.5",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-06",
     "name": "Technical vs. Non-Technical Explanation Tiers",
     "requirement_id": "§7.4",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-07",
     "name": "Explanation Completeness and Coverage Auditing",
     "requirement_id": "§9.2",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-08",
     "name": "Explainability Evidence Package",
     "requirement_id": "§9.1, §9.2",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-01",
     "name": "Fundamental Rights Impact Assessment Content Governance",
     "requirement_id": "§6.1.2",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-04",
     "name": "Human Oversight and Override Mechanisms",
     "requirement_id": "§8.4",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-05",
     "name": "Remedy and Redress Mechanisms",
     "requirement_id": "§9.1",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-08",
     "name": "Human Interests Evidence Package",
     "requirement_id": "§9.3",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-01",
     "name": "Production Fairness Monitoring Program",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-04",
     "name": "Feedback Loop and Reinforcement Bias Detection",
     "requirement_id": "§8.4",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-05",
     "name": "Fairness Incident Response Program",
     "requirement_id": "§10.2",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-07",
     "name": "Fairness Monitoring Audit Trail",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-08",
     "name": "Fairness Monitoring Evidence Package",
     "requirement_id": "§9.3",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-01",
     "name": "Ethics Governance Structure",
     "requirement_id": "§6.1",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-02",
     "name": "AI Ethics Policy Framework",
     "requirement_id": "§5.2",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-03",
     "name": "Senior and Board-Level Ethics Accountability",
     "requirement_id": "§5.1",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-04",
     "name": "Ethics Training and Capability Building",
     "requirement_id": "§7.2",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-05",
     "name": "Third-Party AI Provider Ethics Accountability",
     "requirement_id": "§8.4",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-06",
     "name": "Ethics Incident Response",
     "requirement_id": "§10.1",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-07",
     "name": "Ethics Program Metrics and Effectiveness Measurement",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-08",
     "name": "EthicsAttestation Production",
     "requirement_id": "§9.3",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PV-01",
     "name": "Operating Intent Declaration",
     "requirement_id": "§ 6.1 — Actions to address risks and opportunities",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PV-02",
     "name": "Operating Intent Boundary Validation",
     "requirement_id": "§ 6.1.4 / § 8.4 — AI system impact assessment",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-03",
     "name": "Intended Purpose Alignment Review",
     "requirement_id": "§ 9.1 — Monitoring, measurement, analysis and evaluation",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PV-04",
     "name": "Authorized Knowledge Source Registry",
     "requirement_id": "A.7.5 — Data provenance",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-05",
     "name": "Knowledge Source Version Governance",
     "requirement_id": "A.7.5 — Data provenance",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-06",
     "name": "Operating Context Change Management",
     "requirement_id": "§ 6.3 — Planning of changes",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-07",
     "name": "Deployment Scope Attestation",
     "requirement_id": "§ 8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-08",
     "name": "Principal Intent vs. Agent Behavior Alignment",
     "requirement_id": "§ 9.1 — Monitoring, measurement, analysis and evaluation",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PV-09",
     "name": "Principal Verification Layer Evidence Package",
     "requirement_id": "§9.3",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PA-01",
     "name": "Delegation of Authority Integration",
     "requirement_id": "§ 5.3 — Organizational roles, responsibilities and authorities",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-04",
     "name": "Principal Accountability Binding",
     "requirement_id": "§ 5.1 — Leadership and commitment",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PA-08",
     "name": "Authority Scope Change Notification",
     "requirement_id": "§ 6.3 — Planning of changes",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-09",
     "name": "Authority Scope Layer Evidence Package",
     "requirement_id": "§9.3",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PO-01",
     "name": "Internal Policy Register for AI Deployments",
     "requirement_id": "§7.5 — Documented information",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-02",
     "name": "Policy Version Control and Distribution",
     "requirement_id": "§7.5 — Documented information",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-03",
     "name": "Contractual Obligation Extraction",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-04",
     "name": "Contract Term Conflict Detection",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-05",
     "name": "Data Use Policy Enforcement",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-07",
     "name": "Third-Party Policy Requirements",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-08",
     "name": "Policy Obligation Gap Analysis",
     "requirement_id": "§9.1 — Monitoring, measurement, analysis and evaluation",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-09",
     "name": "Policy Obligation Layer Evidence Package",
     "requirement_id": "§9.3",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PR-03",
     "name": "Vendor Qualification Enforcement",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-04",
     "name": "Contract Review Gate Compliance",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-05",
     "name": "SLA Commitment Governance",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-06",
     "name": "AI in Contract Negotiation Controls",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-07",
     "name": "Contract Obligation Monitoring",
     "requirement_id": "§9.1 — Monitoring, measurement, analysis and evaluation",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PR-08",
     "name": "Procurement Audit Trail",
     "requirement_id": "§9.1 — Monitoring, measurement, analysis and evaluation",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-09",
     "name": "Procurement Governance Layer Evidence Package",
     "requirement_id": "§9.3",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PG-01",
     "name": "Policy Adherence Monitoring",
     "requirement_id": "§9.1 — Monitoring, measurement, analysis and evaluation",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PG-05",
     "name": "Knowledge Source Staleness Detection",
     "requirement_id": "A.6.2.6 — AI system operation and monitoring",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-06",
     "name": "Operating Intent Drift Detection",
     "requirement_id": "§9.1 — Monitoring, measurement, analysis and evaluation",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PG-08",
     "name": "Lessons Learned and Policy Improvement",
     "requirement_id": "§10.1 — Continual improvement",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PG-09",
     "name": "Policy Governance Layer Evidence Package",
     "requirement_id": "§9.3",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PE-01",
     "name": "Policy Evidence Archive",
     "requirement_id": "§7.5 — Documented information",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-03",
     "name": "Internal Audit Support Package",
     "requirement_id": "§9.2 — Internal audit",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PE-04",
     "name": "Cross-Domain Policy Evidence Integration",
     "requirement_id": "§9.1 — Monitoring, measurement, analysis and evaluation",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PE-07",
     "name": "Policy Governance Program Assessment",
     "requirement_id": "§9.2 — Internal audit",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-08",
     "name": "Policy Attestation",
     "requirement_id": "§9.1 — Monitoring, measurement, analysis and evaluation",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KS-01",
     "name": "Knowledge Source Authorization Register",
     "requirement_id": "§6.1.2",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KS-02",
     "name": "Source Authority Classification",
     "requirement_id": "A.7.4",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KS-03",
     "name": "Source Currency and Maximum Age Policy",
     "requirement_id": "A.7.4",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KS-05",
     "name": "Competing Source Conflict Resolution",
     "requirement_id": "§9.1",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KS-06",
     "name": "Knowledge Domain Boundary Definition",
     "requirement_id": "§4.3",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KS-07",
     "name": "Source Attribution and Citation Disclosure Requirements",
     "requirement_id": "A.7.5",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KS-08",
     "name": "Knowledge Sources Evidence Package",
     "requirement_id": "§9.2",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KI-01",
     "name": "Ingestion Pipeline Authorization",
     "requirement_id": "§6.1.2",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KI-02",
     "name": "Knowledge Poisoning Detection and Prevention",
     "requirement_id": "§6.1.3",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KI-03",
     "name": "Ingestion Format Validation",
     "requirement_id": "A.7.4",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KI-04",
     "name": "Content Sensitivity Classification at Ingestion",
     "requirement_id": "A.7.6",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KI-06",
     "name": "Pre-Ingestion Content Quality Gates",
     "requirement_id": "A.7.4",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KI-07",
     "name": "Ingestion Audit Trail",
     "requirement_id": "§9.1",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KI-08",
     "name": "Knowledge Ingestion Evidence Package",
     "requirement_id": "§9.3",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KR-01",
     "name": "Retrieval Relevance Quality Standards",
     "requirement_id": "A.6.2.6",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KR-02",
     "name": "Grounding Completeness Requirements",
     "requirement_id": "§6.1.2",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KR-03",
     "name": "Citation Fidelity and Accuracy Enforcement",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KR-04",
     "name": "Retrieval Hallucination Detection",
     "requirement_id": "§6.1.2",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KR-05",
     "name": "Retrieval Permission Verification",
     "requirement_id": "A.6.2.6",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KR-06",
     "name": "Retrieval Performance Monitoring",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KR-07",
     "name": "Retrieval Audit Trail",
     "requirement_id": "§9.1",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KR-08",
     "name": "Knowledge Retrieval Evidence Package",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-01",
     "name": "Knowledge Staleness Classification Policy",
     "requirement_id": "§6.1.2",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-02",
     "name": "Automated Staleness Detection",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-04",
     "name": "Knowledge Version Control and Change History",
     "requirement_id": "§7.5",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-05",
     "name": "Knowledge Cutoff Date Disclosure to Users",
     "requirement_id": "A.6.2.7",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-06",
     "name": "Domain-Specific Currency Requirements",
     "requirement_id": "§6.1.2",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KC-07",
     "name": "Emergency Knowledge Update Procedures",
     "requirement_id": "§10.2",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-08",
     "name": "Knowledge Currency Evidence Package",
     "requirement_id": "§9.3",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-01",
     "name": "Knowledge Asset Lifecycle Governance",
     "requirement_id": "A.6.2.6",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-03",
     "name": "Knowledge Versioning and Change History",
     "requirement_id": "A.7.5",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-04",
     "name": "Knowledge Archival and Retention Policy",
     "requirement_id": "§7.5 — Documented Information",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KM-05",
     "name": "Knowledge-to-Output Lineage Tracking",
     "requirement_id": "A.7.5",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-06",
     "name": "Knowledge Impact Assessment Before Major Changes",
     "requirement_id": "§6.1.2 — AI Risk Assessment",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-07",
     "name": "Knowledge Base Performance and Quality Metrics",
     "requirement_id": "§9.1 — Monitoring and Measurement",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-08",
     "name": "Knowledge Management Evidence Package",
     "requirement_id": "§9.3 — Management Review",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-01",
     "name": "Knowledge Governance Structure",
     "requirement_id": "§5.1–5.3",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-02",
     "name": "AI Knowledge Substrate Policy Framework",
     "requirement_id": "§6.1.3 — AI risk treatment",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-03",
     "name": "Senior Accountability for Knowledge Quality and Safety",
     "requirement_id": "§5.1 — Leadership and commitment",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-04",
     "name": "Knowledge Risk Assessment",
     "requirement_id": "§6.1.2 — AI risk assessment",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-05",
     "name": "External Knowledge Provider Governance",
     "requirement_id": "A.10.3 — Suppliers",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-06",
     "name": "Knowledge Incident Response",
     "requirement_id": "§10.2 — Nonconformity and corrective action",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-07",
     "name": "Knowledge Program Metrics and Effectiveness Reporting",
     "requirement_id": "§9.1 — Monitoring, measurement, analysis and evaluation",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-08",
     "name": "KnowledgeAttestation Production",
     "requirement_id": "§9.2–9.3 — Internal audit and management review",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "security",
     "control": "GV-05",
     "name": "Run an AI management system and tier agents by their autonomy",
     "relationship": "normative_requirement"
    },
    {
     "domain": "security",
     "control": "GV-09",
     "name": "Anchor a named business owner to every agent (accountability)",
     "relationship": "normative_requirement"
    },
    {
     "domain": "security",
     "control": "GV-10",
     "name": "Enable end-user responsibility and guard against automation bias",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "LI-01",
     "name": "Unique Model Identity and Content-Addressed Version Hash",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-02",
     "name": "Model Provenance Chain — Base Model, Fine-Tune, Merge, and Adapter Lineage",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-03",
     "name": "Supply Chain Integrity — Third-Party Model Verification and Cryptographic...",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-04",
     "name": "Structured Model Documentation — Complete Model Card with All Required Sections",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-05",
     "name": "Training Data Lineage Pointer — Link from Model Registry to TG-Layer Dataset...",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-06",
     "name": "Immutable Version Control with Tested Rollback and Emergency Disable",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-07",
     "name": "Capability and Limitation Declaration — Intended Use, Constraints,...",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-08",
     "name": "License and IP Governance — Dataset License Tracking, Derivative Work...",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-09",
     "name": "Material-Change Determination and Authorization Gate",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-10",
     "name": "Model Retirement and Archive Policy — End-of-Life Procedure, Evidence...",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "TG-01",
     "name": "Training Data Quality Gates",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "TG-02",
     "name": "Bias and Representativeness Assessment",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "TG-03",
     "name": "Data Rights, Lawful Authority and Permitted Use",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "TG-04",
     "name": "Data Poisoning Prevention",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "TG-05",
     "name": "Train/Evaluation/Test Separation and Contamination Prevention",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "TG-06",
     "name": "Sensitive-Data Necessity, Minimization and Controlled Use",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "TG-07",
     "name": "Third-Party Dataset Governance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "TG-08",
     "name": "Dataset Retention, Deletion and Lifecycle",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-01",
     "name": "Pre-Deployment Evaluation Gate",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-02",
     "name": "Fitness, Safety, Reliability and Policy-Conformance Evaluation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-05",
     "name": "Fairness and Bias Evaluation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-06",
     "name": "Reproducible Evaluation Design",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-07",
     "name": "Regression Testing on Updates",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-08",
     "name": "Independent Validation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-09",
     "name": "Risk and Applicability Classification",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-10",
     "name": "Evaluation Result Provenance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "OA-01",
     "name": "Model Ownership Assignment",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "OA-02",
     "name": "Meaningful Human Oversight for High-Stakes Decisions",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "OA-03",
     "name": "AI Model Governance Committee",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "OA-04",
     "name": "Delegated Autonomy Tier Governance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "OA-05",
     "name": "Regulatory and Legal Review Sign-Off",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "OA-07",
     "name": "Incident Escalation Authority Chain",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-01",
     "name": "Output Anomaly Detection",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-02",
     "name": "Concept and Data Drift Detection",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-03",
     "name": "Production Performance Degradation Alerting",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-04",
     "name": "Behavioral Boundary Performance Testing",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-05",
     "name": "Usage Telemetry and Decision Logging",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-08",
     "name": "Shadow and Canary Deployment Governance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-10",
     "name": "Feedback Loop Integrity and Online Learning Governance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "compliance",
     "control": "CA-01",
     "name": "Regulatory Scope Determination",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PV-01",
     "name": "Operating Intent Declaration",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PV-02",
     "name": "Operating Intent Boundary Validation",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PV-03",
     "name": "Intended Purpose Alignment Review",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PV-04",
     "name": "Authorized Knowledge Source Registry",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PV-05",
     "name": "Knowledge Source Version Governance",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PV-06",
     "name": "Operating Context Change Management",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PV-07",
     "name": "Deployment Scope Attestation",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PV-08",
     "name": "Principal Intent vs. Agent Behavior Alignment",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PV-09",
     "name": "Principal Verification Layer Evidence Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PA-01",
     "name": "Delegation of Authority Integration",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PA-08",
     "name": "Authority Scope Change Notification",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PA-09",
     "name": "Authority Scope Layer Evidence Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PO-01",
     "name": "Internal Policy Register for AI Deployments",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PO-02",
     "name": "Policy Version Control and Distribution",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PO-03",
     "name": "Contractual Obligation Extraction",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PO-04",
     "name": "Contract Term Conflict Detection",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PO-07",
     "name": "Third-Party Policy Requirements",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PO-08",
     "name": "Policy Obligation Gap Analysis",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PO-09",
     "name": "Policy Obligation Layer Evidence Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PR-03",
     "name": "Vendor Qualification Enforcement",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PR-04",
     "name": "Contract Review Gate Compliance",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PR-07",
     "name": "Contract Obligation Monitoring",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PR-09",
     "name": "Procurement Governance Layer Evidence Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PG-01",
     "name": "Policy Adherence Monitoring",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PG-05",
     "name": "Knowledge Source Staleness Detection",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PG-06",
     "name": "Operating Intent Drift Detection",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PG-08",
     "name": "Lessons Learned and Policy Improvement",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PG-09",
     "name": "Policy Governance Layer Evidence Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PE-04",
     "name": "Cross-Domain Policy Evidence Integration",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PE-08",
     "name": "Policy Attestation",
     "relationship": "normative_requirement"
    },
    {
     "domain": "knowledge",
     "control": "KS-03",
     "name": "Source Currency and Maximum Age Policy",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KI-01",
     "name": "Ingestion Pipeline Authorization",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KI-06",
     "name": "Pre-Ingestion Content Quality Gates",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KI-07",
     "name": "Ingestion Audit Trail",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KI-08",
     "name": "Knowledge Ingestion Evidence Package",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KR-07",
     "name": "Retrieval Audit Trail",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KR-08",
     "name": "Knowledge Retrieval Evidence Package",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KC-01",
     "name": "Knowledge Staleness Classification Policy",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KC-06",
     "name": "Domain-Specific Currency Requirements",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KC-07",
     "name": "Emergency Knowledge Update Procedures",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KM-01",
     "name": "Knowledge Asset Lifecycle Governance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KM-04",
     "name": "Knowledge Archival and Retention Policy",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KM-08",
     "name": "Knowledge Management Evidence Package",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KG-01",
     "name": "Knowledge Governance Structure",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KG-02",
     "name": "AI Knowledge Substrate Policy Framework",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KG-03",
     "name": "Senior Accountability for Knowledge Quality and Safety",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KG-04",
     "name": "Knowledge Risk Assessment",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KG-06",
     "name": "Knowledge Incident Response",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KG-07",
     "name": "Knowledge Program Metrics and Effectiveness Reporting",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KG-08",
     "name": "KnowledgeAttestation Production",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {
    "security": 47,
    "model": 54,
    "compliance": 1,
    "identity": 4,
    "agentic": 36,
    "ethics": 38,
    "authority": 38,
    "knowledge": 44
   },
   "title": "ISO/IEC 42001:2023",
   "total": 355
  },
  {
   "source_id": "anthropic_rsp",
   "framework_refs": [
    {
     "domain": "compliance",
     "control": "CA-01",
     "name": "Regulatory Scope Determination",
     "requirement_id": "Capability Thresholds",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-02",
     "name": "Compliance Framework Selection and Mapping",
     "requirement_id": "Required Safeguards",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "CA-03",
     "name": "Cross-Domain Evidence Routing",
     "requirement_id": "Capability assessment",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "CA-04",
     "name": "Design-Time Compliance Classification",
     "requirement_id": "Capability Thresholds",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-05",
     "name": "Regulatory Change Management",
     "requirement_id": "Capability Thresholds",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-06",
     "name": "Compliance Obligation Gap Analysis",
     "requirement_id": "Capability assessment",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "CA-07",
     "name": "Third-Party and Supply Chain Compliance Obligations",
     "requirement_id": "ASL-3 Security Standard",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-08",
     "name": "Compliance Architecture Evidence Package",
     "requirement_id": "Capability Report",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-01",
     "name": "Obligation Register",
     "requirement_id": "Capability Thresholds",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "OB-03",
     "name": "Obligation Due Date and Milestone Tracking",
     "requirement_id": "Capability assessment",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "OB-04",
     "name": "EU AI Act Conformity Assessment Obligation Management",
     "requirement_id": "ASL-3 Deployment Standard",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-06",
     "name": "Contractual AI Obligation Management",
     "requirement_id": "Required Safeguards",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-08",
     "name": "Obligations Evidence Package",
     "requirement_id": "Capability Report",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "RF-01",
     "name": "EU AI Act High-Risk AI System Classification",
     "requirement_id": "Capability Thresholds",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "RF-03",
     "name": "EU AI Act Technical Documentation Package (Art. 11)",
     "requirement_id": "Capability Report",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "RF-04",
     "name": "EU AI Act Post-Market Monitoring Plan (Art. 72)",
     "requirement_id": "Capability assessment",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CI-01",
     "name": "Compliance Control Testing Program",
     "requirement_id": "Capability assessment",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "CI-05",
     "name": "Compliance Training and Awareness Program",
     "requirement_id": "ASL-3 Deployment Standard",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CI-08",
     "name": "Compliance Implementation Evidence Package",
     "requirement_id": "Capability Report",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-02",
     "name": "Evidence Collection, Curation, and Validation",
     "requirement_id": "Capability Report",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-05",
     "name": "Regulatory Examination Response Program",
     "requirement_id": "Required Safeguards",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "AU-07",
     "name": "Multi-Framework Evidence Reuse",
     "requirement_id": "Capability assessment",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "AU-08",
     "name": "ComplianceAttestation Production",
     "requirement_id": "Capability Report",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "CG-01",
     "name": "Compliance Governance Structure",
     "requirement_id": "Responsible Scaling Officer",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "CG-02",
     "name": "Compliance Policy Framework for AI",
     "requirement_id": "Required Safeguards",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-03",
     "name": "Senior and Board-Level Accountability for AI Compliance",
     "requirement_id": "Responsible Scaling Officer",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-04",
     "name": "Compliance Risk Appetite Definition",
     "requirement_id": "Capability Thresholds",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-06",
     "name": "Compliance Incident Response",
     "requirement_id": "ASL-3 Deployment Standard",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-07",
     "name": "Compliance Program Metrics and KPIs",
     "requirement_id": "Capability assessment",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-08",
     "name": "Compliance Governance Evidence Package",
     "requirement_id": "Capability Report",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "DE-05",
     "name": "User Consent for Delegated AI Action",
     "requirement_id": "Claude's Constitution — operator and user permission hierarchy",
     "fit": "adjacent"
    },
    {
     "domain": "identity",
     "control": "IC-02",
     "name": "Identity Policy and Standards",
     "requirement_id": "Anthropic RSP v3.3 — ASL Deployment and Security Standards",
     "fit": "adjacent"
    },
    {
     "domain": "identity",
     "control": "IC-04",
     "name": "Privileged Identity Management for AI",
     "requirement_id": "Anthropic RSP v3.3 — ASL-3 Security Standard",
     "fit": "adjacent"
    },
    {
     "domain": "identity",
     "control": "IC-05",
     "name": "Identity Compliance Mapping",
     "requirement_id": "Anthropic RSP v3.3 — Risk Reports",
     "fit": "adjacent"
    },
    {
     "domain": "identity",
     "control": "IC-08",
     "name": "Identity Attestation Production",
     "requirement_id": "Anthropic Transparency Hub — Model Reports",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AA-07",
     "name": "Authentication Failure Monitoring and Alerting",
     "requirement_id": "ASL-3 Deployment Standard — misuse detection and rapid response",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AA-08",
     "name": "Agent Authentication Evidence Package",
     "requirement_id": "Risk Reports (§3) — documented capability and safeguard evidence",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-03",
     "name": "Action Reversibility Classification and Gates",
     "requirement_id": "Capability Thresholds and Required Safeguards",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-04",
     "name": "Output Policy Enforcement",
     "requirement_id": "ASL-3 Deployment Standard — misuse-prevention safeguards",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-05",
     "name": "Prompt Injection Detection and Defense",
     "requirement_id": "ASL-3 Deployment Standard — robustness to jailbreak and misuse",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-07",
     "name": "Behavioral Drift Monitoring",
     "requirement_id": "ASL-3 Deployment Standard — ongoing monitoring",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-08",
     "name": "BehavioralAttestation Production",
     "requirement_id": "Risk Reports (§3)",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AT-05",
     "name": "Dangerous and Irreversible Tool Access Controls",
     "requirement_id": "Required Safeguards — ASL-3 Deployment Standard",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AT-08",
     "name": "Tool Governance Evidence Package",
     "requirement_id": "Risk Reports (§3.1 Scope and Timing) — recurring evidence cadence",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AO-04",
     "name": "Human-in-the-Loop Gates for High-Consequence Orchestrations",
     "requirement_id": "Required Safeguards — ASL-3 Deployment Standard",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AO-08",
     "name": "Orchestration Governance Evidence Package",
     "requirement_id": "Risk Reports (§3)",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AM-03",
     "name": "Goal Drift and Intent Deviation Detection",
     "requirement_id": "Capability Thresholds — capability and behavior assessment",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AM-08",
     "name": "Monitoring Coverage Evidence Package",
     "requirement_id": "Risk Reports (§3)",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AG-01",
     "name": "Agentic AI Governance Structure",
     "requirement_id": "Governance (§4)",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AG-02",
     "name": "Agent Deployment Policy and Pre-Deployment Review Gate",
     "requirement_id": "Capability Thresholds and Required Safeguards — pre-deployment determination",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AG-03",
     "name": "Agentic AI Risk Assessment Framework",
     "requirement_id": "Capability Thresholds (ASL framework)",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AG-04",
     "name": "Senior Accountability for Autonomous AI Systems",
     "requirement_id": "Governance (§4)",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AG-05",
     "name": "Agent Incident Response Program",
     "requirement_id": "ASL-3 Deployment Standard — rapid response to misuse",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AG-07",
     "name": "Continuous Improvement and Lessons Learned",
     "requirement_id": "Governance (§4) — policy maintenance and updates",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AG-08",
     "name": "BehavioralAttestation Production",
     "requirement_id": "Risk Reports (§3)",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "EF-01",
     "name": "Ethics Principles Adoption and Operationalization",
     "requirement_id": "Capability Thresholds and Required Safeguards (AI Safety Level standards)",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "EF-02",
     "name": "Values-to-Design Mapping",
     "requirement_id": "ASL-3 Deployment and Security Standards",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-03",
     "name": "Ethical Risk Appetite Definition",
     "requirement_id": "Capability Thresholds and Required Safeguards",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "EF-04",
     "name": "Ethics Impact Assessment Framework",
     "requirement_id": "Risk Reports (capability and safeguards assessment before deployment)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-06",
     "name": "Ethics-by-Design Integration in Development Lifecycle",
     "requirement_id": "Capability Thresholds and Required Safeguards (evaluation-gated scaling)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-05",
     "name": "Model Card and System Card Transparency Disclosure",
     "requirement_id": "Governance and Transparency (documentation and disclosure of capability assessments)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-01",
     "name": "Production Fairness Monitoring Program",
     "requirement_id": "Risk Reports and ongoing capability reassessment",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "FM-02",
     "name": "Disparate Outcome Threshold Governance",
     "requirement_id": "Capability Thresholds — threshold-triggered safeguard requirements",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "FM-08",
     "name": "Fairness Monitoring Evidence Package",
     "requirement_id": "Governance and Transparency — Risk Reports",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-01",
     "name": "Ethics Governance Structure",
     "requirement_id": "Governance and Transparency — Responsible Scaling Officer",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-02",
     "name": "AI Ethics Policy Framework",
     "requirement_id": "Capability Thresholds and Required Safeguards",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-03",
     "name": "Senior and Board-Level Ethics Accountability",
     "requirement_id": "Governance and Transparency — Responsible Scaling Officer and executive accountability",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-05",
     "name": "Third-Party AI Provider Ethics Accountability",
     "requirement_id": "Governance and Transparency — public safety framework disclosure",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-06",
     "name": "Ethics Incident Response",
     "requirement_id": "Capability Thresholds (threshold-triggered evaluation and response)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-07",
     "name": "Ethics Program Metrics and Effectiveness Measurement",
     "requirement_id": "Risk Reports (evaluation-gated deployment)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-08",
     "name": "EthicsAttestation Production",
     "requirement_id": "Governance and Transparency — Risk Reports",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RP-01",
     "name": "AI-Specific Business Continuity Plan",
     "requirement_id": "Capability thresholds and ASL-3 standards — provider-initiated deployment restrictions",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RP-03",
     "name": "Model Rollback and Previous Version Recovery Planning",
     "requirement_id": "ASL-3 Deployment Standard — deployment restrictions and de-deployment",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RP-06",
     "name": "Third-Party AI Provider Outage Response Plan",
     "requirement_id": "Capability thresholds and ASL-3 standards — provider-initiated restrictions",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RO-02",
     "name": "Model Rollback Execution and Validation",
     "requirement_id": "ASL-3 Deployment Standard — provider-initiated de-deployment",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RG-01",
     "name": "Resilience Governance Structure",
     "requirement_id": "Governance — Responsible Scaling Officer and internal accountability",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RG-03",
     "name": "Senior Accountability for AI Operational Resilience",
     "requirement_id": "Governance — Responsible Scaling Officer accountability",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RG-04",
     "name": "Resilience Risk Appetite and Threshold Setting",
     "requirement_id": "Capability thresholds — ASL-3 standards at defined capability levels",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RG-08",
     "name": "ResilienceAttestation Production",
     "requirement_id": "Risk Reports and capability determinations — documented safeguard evidence",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MR-06",
     "name": "Third-Party and Vendor AI Model Risk Management",
     "requirement_id": "Capability Thresholds and Required Safeguards",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MR-07",
     "name": "Emerging Model Risk Identification",
     "requirement_id": "Capability assessments",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MV-04",
     "name": "Benchmarking and Challenger Models",
     "requirement_id": "Capability Thresholds",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MV-06",
     "name": "Validation Scope for AI/ML and LLM Models",
     "requirement_id": "Capability assessment methodology",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FP-02",
     "name": "Prohibited AI Use Cases in Financial Services",
     "requirement_id": "Usage Policy (separate document) — restricted high-risk uses",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FP-04",
     "name": "AI Procurement and Vendor Management Policy for Finance",
     "requirement_id": "Capability Thresholds and Required Safeguards",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PV-01",
     "name": "Operating Intent Declaration",
     "requirement_id": "RSP v3.3 — Capability Thresholds and Required Safeguards",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PV-02",
     "name": "Operating Intent Boundary Validation",
     "requirement_id": "RSP v3.3 — ASL-3 Deployment Standard (Misuse Safeguards and Red-Teaming)",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PV-03",
     "name": "Intended Purpose Alignment Review",
     "requirement_id": "RSP v3.3 — Capability Assessment (Periodic Re-Evaluation)",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PV-06",
     "name": "Operating Context Change Management",
     "requirement_id": "RSP v3.3 — Re-Assessment Triggers on Material Change",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PV-07",
     "name": "Deployment Scope Attestation",
     "requirement_id": "RSP v3.3 — Safeguards Assessment and Risk Report Sign-Off",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PV-08",
     "name": "Principal Intent vs. Agent Behavior Alignment",
     "requirement_id": "Claude's Constitution + Anthropic Usage Policy — Acting Within Principal-Granted Scope",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PO-06",
     "name": "Communication and Commitment Policy",
     "requirement_id": "Anthropic Usage Policy + Claude's Constitution — Operator Scope and Permitted Communications",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PO-08",
     "name": "Policy Obligation Gap Analysis",
     "requirement_id": "RSP v3.3 — Required Safeguards as Blocking Conditions",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PR-06",
     "name": "AI in Contract Negotiation Controls",
     "requirement_id": "Anthropic Usage Policy + Claude's Constitution — Human Oversight for Consequential Use",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PE-01",
     "name": "Policy Evidence Archive",
     "requirement_id": "RSP v3.3 — Documented Capability and Safeguards Assessments",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PE-02",
     "name": "Regulatory Disclosure Readiness",
     "requirement_id": "RSP v3.3 — Governance and Transparency (Public Disclosures)",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PE-06",
     "name": "Board and Senior Management Policy Reporting",
     "requirement_id": "RSP v3.3 — Governance (Responsible Scaling Officer and Board Oversight)",
     "fit": "supporting"
    },
    {
     "domain": "authority",
     "control": "PE-08",
     "name": "Policy Attestation",
     "requirement_id": "RSP v3.3 — Safeguards Assessment and Risk Report",
     "fit": "adjacent"
    }
   ],
   "source_refs": [
    {
     "domain": "model",
     "control": "EV-03",
     "name": "Dangerous Capability Threshold Assessment",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "compliance",
     "control": "CA-01",
     "name": "Regulatory Scope Determination",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-02",
     "name": "Compliance Framework Selection and Mapping",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-03",
     "name": "Cross-Domain Evidence Routing",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-04",
     "name": "Design-Time Compliance Classification",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-05",
     "name": "Regulatory Change Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-06",
     "name": "Compliance Obligation Gap Analysis",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-07",
     "name": "Third-Party and Supply Chain Compliance Obligations",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-08",
     "name": "Compliance Architecture Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-01",
     "name": "Obligation Register",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-03",
     "name": "Obligation Due Date and Milestone Tracking",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-04",
     "name": "EU AI Act Conformity Assessment Obligation Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-06",
     "name": "Contractual AI Obligation Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-08",
     "name": "Obligations Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-01",
     "name": "EU AI Act High-Risk AI System Classification",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-03",
     "name": "EU AI Act Technical Documentation Package (Art. 11)",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-04",
     "name": "EU AI Act Post-Market Monitoring Plan (Art. 72)",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-07",
     "name": "ISO 42001 Certification Pathway",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CI-01",
     "name": "Compliance Control Testing Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CI-05",
     "name": "Compliance Training and Awareness Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CI-08",
     "name": "Compliance Implementation Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-02",
     "name": "Evidence Collection, Curation, and Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-05",
     "name": "Regulatory Examination Response Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-07",
     "name": "Multi-Framework Evidence Reuse",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-08",
     "name": "ComplianceAttestation Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-01",
     "name": "Compliance Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-02",
     "name": "Compliance Policy Framework for AI",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-03",
     "name": "Senior and Board-Level Accountability for AI Compliance",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-04",
     "name": "Compliance Risk Appetite Definition",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-06",
     "name": "Compliance Incident Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-07",
     "name": "Compliance Program Metrics and KPIs",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-08",
     "name": "Compliance Governance Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "DE-05",
     "name": "User Consent for Delegated AI Action",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IC-02",
     "name": "Identity Policy and Standards",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IC-04",
     "name": "Privileged Identity Management for AI",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IC-05",
     "name": "Identity Compliance Mapping",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IC-08",
     "name": "Identity Attestation Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-01",
     "name": "Agent Identity Presentation at Tool Invocation",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-02",
     "name": "API Key and Bearer Token Lifecycle Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-03",
     "name": "mTLS and Certificate-Based Agent Authentication",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-04",
     "name": "Workload Identity for Agent Processes",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-05",
     "name": "Session Token Binding and Anti-Replay Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-06",
     "name": "Cross-System Authentication Chaining",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-07",
     "name": "Authentication Failure Monitoring and Alerting",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-08",
     "name": "Agent Authentication Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-01",
     "name": "Authorized Action Scope Manifest",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-02",
     "name": "Tool-Call Authorization Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-03",
     "name": "Action Reversibility Classification and Gates",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-04",
     "name": "Output Policy Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-05",
     "name": "Prompt Injection Detection and Defense",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-06",
     "name": "Rate Limiting and Resource Budget Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-07",
     "name": "Behavioral Drift Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-08",
     "name": "BehavioralAttestation Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-01",
     "name": "Tool and Plugin Registry",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-02",
     "name": "Tool Permission Scoping",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-03",
     "name": "Tool Input Validation and Schema Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-04",
     "name": "Tool Output Sanitization and Integrity Verification",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-05",
     "name": "Dangerous and Irreversible Tool Access Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-06",
     "name": "Third-Party Plugin Vetting and Sandboxing",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-07",
     "name": "Tool Usage Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-08",
     "name": "Tool Governance Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-01",
     "name": "Multi-Agent Trust Chain Documentation",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-02",
     "name": "Sub-Agent Authorization and Capability Delegation",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-03",
     "name": "Orchestration Message Integrity",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-04",
     "name": "Human-in-the-Loop Gates for High-Consequence Orchestrations",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-05",
     "name": "Orchestration Loop and Escalation Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-07",
     "name": "Orchestration Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-08",
     "name": "Orchestration Governance Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-01",
     "name": "Behavioral Telemetry Collection Baseline",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-02",
     "name": "Anomalous Action Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-03",
     "name": "Goal Drift and Intent Deviation Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-04",
     "name": "Resource Consumption Anomaly Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-05",
     "name": "Multi-Agent Communication Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-07",
     "name": "Real-Time Alerting and Automated Agent Suspension",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-08",
     "name": "Monitoring Coverage Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-01",
     "name": "Agentic AI Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-02",
     "name": "Agent Deployment Policy and Pre-Deployment Review Gate",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-03",
     "name": "Agentic AI Risk Assessment Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-04",
     "name": "Senior Accountability for Autonomous AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-05",
     "name": "Agent Incident Response Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-06",
     "name": "Agent Program Metrics and KPIs",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-07",
     "name": "Continuous Improvement and Lessons Learned",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-08",
     "name": "BehavioralAttestation Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-01",
     "name": "Ethics Principles Adoption and Operationalization",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-02",
     "name": "Values-to-Design Mapping",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-03",
     "name": "Ethical Risk Appetite Definition",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-04",
     "name": "Ethics Impact Assessment Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-06",
     "name": "Ethics-by-Design Integration in Development Lifecycle",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-05",
     "name": "Model Card and System Card Transparency Disclosure",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-01",
     "name": "Production Fairness Monitoring Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-02",
     "name": "Disparate Outcome Threshold Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-08",
     "name": "Fairness Monitoring Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-01",
     "name": "Ethics Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-02",
     "name": "AI Ethics Policy Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-03",
     "name": "Senior and Board-Level Ethics Accountability",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-05",
     "name": "Third-Party AI Provider Ethics Accountability",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-06",
     "name": "Ethics Incident Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-07",
     "name": "Ethics Program Metrics and Effectiveness Measurement",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-08",
     "name": "EthicsAttestation Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-01",
     "name": "AI System RTO/RPO Definition and Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-02",
     "name": "Resilience Control Verification Testing",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-03",
     "name": "Chaos Engineering for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-04",
     "name": "Recovery Capability Verification After Actual Incident",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-05",
     "name": "Third-Party AI Dependency Resilience Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-06",
     "name": "Multi-Region and Multi-AZ Resilience Verification",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-07",
     "name": "Degraded-Mode AI Operation Testing",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-08",
     "name": "Resilience Verification Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-01",
     "name": "AI-Specific Business Continuity Plan",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-02",
     "name": "AI System Disaster Recovery Plan",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-03",
     "name": "Model Rollback and Previous Version Recovery Planning",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-06",
     "name": "Third-Party AI Provider Outage Response Plan",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-02",
     "name": "Model Rollback Execution and Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-04",
     "name": "Recovery Operations Communication Protocol",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-05",
     "name": "Pre-Restoration Validation Before Traffic Resumption",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-06",
     "name": "Recovery Operations Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-08",
     "name": "Recovery Operations Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "FO-04",
     "name": "Input Validation and Malformed Request Handling",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "FO-05",
     "name": "Cascade Failure Prevention in Multi-Agent Pipelines",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-01",
     "name": "High Availability Architecture for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-02",
     "name": "Stateless Agent Design and Session Recovery",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-03",
     "name": "Data Redundancy and Backup Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-04",
     "name": "Infrastructure-as-Code for Reproducible Recovery",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-05",
     "name": "Dependency Isolation and Bulkhead Patterns",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-06",
     "name": "DORA Compliance Architecture for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-07",
     "name": "Resilience Engineering Review in Development Lifecycle",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-08",
     "name": "Resilience Engineering Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-01",
     "name": "Resilience Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-02",
     "name": "Resilience Policy Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-03",
     "name": "Senior Accountability for AI Operational Resilience",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-04",
     "name": "Resilience Risk Appetite and Threshold Setting",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-06",
     "name": "Resilience Incident Response Integration",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-08",
     "name": "ResilienceAttestation Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-02",
     "name": "Model Risk Governance Policy Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-03",
     "name": "Pre-Deployment Model Risk Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-04",
     "name": "Model Risk Appetite and Material Model Thresholds",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-05",
     "name": "Ongoing Model Risk Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-06",
     "name": "Third-Party and Vendor AI Model Risk Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-07",
     "name": "Emerging Model Risk Identification",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-01",
     "name": "Independent Validation Function Charter",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-02",
     "name": "Conceptual Soundness Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-03",
     "name": "Outcome Analysis and Backtesting",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-04",
     "name": "Benchmarking and Challenger Models",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-05",
     "name": "Validation Frequency and Trigger-Based Review",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-06",
     "name": "Validation Scope for AI/ML and LLM Models",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-07",
     "name": "Validation Finding Escalation and Remediation",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-08",
     "name": "Model Validation Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-01",
     "name": "AI-Driven Decision Transparency and Auditability",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-03",
     "name": "Fair Lending AI Explainability",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-04",
     "name": "Model Output Disclosure to Financial Regulators",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-08",
     "name": "Financial Disclosure Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-04",
     "name": "Change Management Controls for Financial AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-01",
     "name": "AI Use Policy for Financial Decision-Making",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-02",
     "name": "Prohibited AI Use Cases in Financial Services",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-03",
     "name": "Financial AI Risk Appetite Statement",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-04",
     "name": "AI Procurement and Vendor Management Policy for Finance",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-05",
     "name": "Data Governance Policy for Financial AI",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-06",
     "name": "Financial AI Change Control Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-07",
     "name": "AI Exception and Escalation Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-08",
     "name": "Financial Policy Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-01",
     "name": "Finance AI Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-02",
     "name": "Senior and Named Accountability for Financial AI Decisions",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-04",
     "name": "Regulatory Relationship Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-05",
     "name": "Finance AI Incident Response Integration",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-07",
     "name": "Annual AI Governance Review",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-08",
     "name": "FinanceAttestation Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-01",
     "name": "Operating Intent Declaration",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-02",
     "name": "Operating Intent Boundary Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-03",
     "name": "Intended Purpose Alignment Review",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-06",
     "name": "Operating Context Change Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-07",
     "name": "Deployment Scope Attestation",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-08",
     "name": "Principal Intent vs. Agent Behavior Alignment",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-06",
     "name": "Communication and Commitment Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-08",
     "name": "Policy Obligation Gap Analysis",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-06",
     "name": "AI in Contract Negotiation Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-06",
     "name": "Operating Intent Drift Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-01",
     "name": "Policy Evidence Archive",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-02",
     "name": "Regulatory Disclosure Readiness",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-06",
     "name": "Board and Senior Management Policy Reporting",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-07",
     "name": "Policy Governance Program Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-08",
     "name": "Policy Attestation",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "compliance": 30,
    "identity": 5,
    "agentic": 20,
    "ethics": 16,
    "resilience": 8,
    "finance": 6,
    "authority": 13
   },
   "title": "Anthropic Responsible Scaling Policy v3.3",
   "total": 278
  },
  {
   "source_id": "mitre_atlas",
   "framework_refs": [
    {
     "domain": "security",
     "control": "IA-01",
     "name": "Give every agent its own distinct identity, never a shared or human login",
     "requirement_id": "AML.M0019",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "requirement_id": "AML.M0019",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "requirement_id": "AML.M0028",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "requirement_id": "AML.M0026",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "requirement_id": "AML.M0027",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "IA-03",
     "name": "Act on the user's behalf with explicit approval for sensitive steps",
     "requirement_id": "AML.M0020",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "IA-03",
     "name": "Act on the user's behalf with explicit approval for sensitive steps",
     "requirement_id": "AML.M0029",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "IA-03",
     "name": "Act on the user's behalf with explicit approval for sensitive steps",
     "requirement_id": "AML.M0030",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "IA-04",
     "name": "Check permission continuously at run time, not just once at login",
     "requirement_id": "ATLAS mitigations: AML.M0026 (Privileged AI Agent Permissions Configuration), AML.M0027 (Single-User AI Agent Permissions Configuration)",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "IA-04",
     "name": "Check permission continuously at run time, not just once at login",
     "requirement_id": "AML.M0019",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "EC-01",
     "name": "Run the agent in a sandbox, from process isolation up to micro-VMs",
     "requirement_id": "AML.T0105 (Escape to Host); ATLAS mitigations: AML.M0032 (Segmentation of AI Agent Components)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-02",
     "name": "Filter the agent's outbound network traffic",
     "requirement_id": "AML.T0025 (Exfiltration via Cyber Means); AML.T0086 (Exfiltration via AI Agent Tool Invocation); ATLAS mitigations: AML.M0030 (Restrict AI Agent Tool Invocation",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-03",
     "name": "Keep memory short-lived, and validate anything written to it",
     "requirement_id": "AML.T0080 (AI Agent Context Poisoning); ATLAS mitigations: AML.M0031 (Memory Hardening), AML.M0030 (Restrict AI Agent Tool Invocation on Untrusted Data)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-04",
     "name": "Limit filesystem and tool access to the bare minimum",
     "requirement_id": "AML.T0053 (AI Agent Tool Invocation); AML.T0098 (AI Agent Tool Credential Harvesting); ATLAS mitigations: AML.M0028 (AI Agent Tools Permissions Configuration)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-04",
     "name": "Limit filesystem and tool access to the bare minimum",
     "requirement_id": "AML.M0028",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "EC-04",
     "name": "Limit filesystem and tool access to the bare minimum",
     "requirement_id": "AML.M0026",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "EC-04",
     "name": "Limit filesystem and tool access to the bare minimum",
     "requirement_id": "AML.M0027",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "EC-05",
     "name": "Cap spend and resource use, stop denial-of-wallet",
     "requirement_id": "AML.T0034.002 (Agentic Resource Consumption); ATLAS mitigations: AML.M0004 (Restrict Number of AI Model Queries)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-06",
     "name": "Contain runaway loops and over-reach (least-agency)",
     "requirement_id": "AML.M0028",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "EC-06",
     "name": "Contain runaway loops and over-reach (least-agency)",
     "requirement_id": "AML.M0026",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "EC-06",
     "name": "Contain runaway loops and over-reach (least-agency)",
     "requirement_id": "AML.M0027",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "EC-07",
     "name": "Trust-rank retrieved content before it enters the agent's context",
     "requirement_id": "AML.T0070 (RAG Poisoning); AML.T0066 (Retrieval Content Crafting); AML.T0080 (AI Agent Context Poisoning); AML.T0100 (AI Agent Clickbait); ATLAS mitigations: AM",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-08",
     "name": "Keep secrets out of the prompt and context",
     "requirement_id": "AML.T0056 (Extract LLM System Prompt); AML.T0098 (AI Agent Tool Credential Harvesting); ATLAS mitigations: AML.M0012 (Encrypt Sensitive Information), AML.M0005 ",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-09",
     "name": "Treat the workspace and its config and hooks as untrusted",
     "requirement_id": "AML.T0081 (Modify AI Agent Configuration); ATLAS mitigations: AML.M0014 (Verify AI Artifacts)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-10",
     "name": "Verify trigger provenance and admit autonomous runs",
     "requirement_id": "AML.M0019",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "requirement_id": "AML.T0053 (AI Agent Tool Invocation); ATLAS mitigations: AML.M0028 (AI Agent Tools Permissions Configuration)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "requirement_id": "AML.M0028",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "requirement_id": "AML.M0026",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "requirement_id": "AML.M0027",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "requirement_id": "AML.M0023",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "requirement_id": "AML.M0014",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-03",
     "name": "Verify skill/tool manifest integrity and sign the supply chain",
     "requirement_id": "AML.T0099 (AI Agent Tool Data Poisoning); AML.T0104 (Publish Poisoned AI Agent Tool); ATLAS mitigations: AML.M0014 (Verify AI Artifacts), AML.M0013 (Code Signin",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-03",
     "name": "Verify skill/tool manifest integrity and sign the supply chain",
     "requirement_id": "AML.M0023",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-03",
     "name": "Verify skill/tool manifest integrity and sign the supply chain",
     "requirement_id": "AML.M0014",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-04",
     "name": "Validate tool input/output, treat tool results as untrusted",
     "requirement_id": "ATLAS mitigation: AML.M0033 (Input and Output Validation for AI Agent Components)",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-04",
     "name": "Validate tool input/output, treat tool results as untrusted",
     "requirement_id": "AML.M0015",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-05",
     "name": "Encode and validate the agent's own output before it reaches other systems",
     "requirement_id": "AML.M0002",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-06",
     "name": "Sanitize model-generated tool parameters, not just the schema",
     "requirement_id": "AML.T0053 (AI Agent Tool Invocation); ATLAS mitigations: AML.M0033 (Input and Output Validation for AI Agent Components)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-06",
     "name": "Sanitize model-generated tool parameters, not just the schema",
     "requirement_id": "AML.M0002",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-06",
     "name": "Sanitize model-generated tool parameters, not just the schema",
     "requirement_id": "AML.M0015",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-07",
     "name": "Verify tool descriptions for hidden instructions (description injection)",
     "requirement_id": "AML.T0053 (AI Agent Tool Invocation); ATLAS mitigations: AML.M0033 (Input and Output Validation for AI Agent Components)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-07",
     "name": "Verify tool descriptions for hidden instructions (description injection)",
     "requirement_id": "AML.M0015",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-07",
     "name": "Verify tool descriptions for hidden instructions (description injection)",
     "requirement_id": "AML.M0023",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-07",
     "name": "Verify tool descriptions for hidden instructions (description injection)",
     "requirement_id": "AML.M0014",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-08",
     "name": "Enforce an instruction hierarchy so tool output cannot give the agent orders",
     "requirement_id": "AML.T0051 (LLM Prompt Injection); AML.T0080 (AI Agent Context Poisoning); ATLAS mitigations: AML.M0030 (Restrict AI Agent Tool Invocation on Untrusted Data)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-08",
     "name": "Enforce an instruction hierarchy so tool output cannot give the agent orders",
     "requirement_id": "AML.M0015",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-01",
     "name": "Require a human hard-stop for irreversible actions",
     "requirement_id": "AML.M0020",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-01",
     "name": "Require a human hard-stop for irreversible actions",
     "requirement_id": "AML.M0029",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-01",
     "name": "Require a human hard-stop for irreversible actions",
     "requirement_id": "AML.M0030",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-02",
     "name": "Keep an immutable, tamper-evident audit trail of what the agent did",
     "requirement_id": "ATLAS mitigation: AML.M0024 (AI Telemetry Logging)",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-02",
     "name": "Keep an immutable, tamper-evident audit trail of what the agent did",
     "requirement_id": "AML.M0024",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-04",
     "name": "Enforce policy as code at run time, in the request path",
     "requirement_id": "AML.M0019",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-06",
     "name": "Cap the rate and volume of irreversible actions",
     "requirement_id": "AML.M0004",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-07",
     "name": "Protect humans from being deceived by an agent",
     "requirement_id": "AML.M0020",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-07",
     "name": "Protect humans from being deceived by an agent",
     "requirement_id": "AML.M0029",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-07",
     "name": "Protect humans from being deceived by an agent",
     "requirement_id": "AML.M0030",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-08",
     "name": "Make high-impact actions transactional, atomic, idempotent, state-checked",
     "requirement_id": "AML.T0101 (Data Destruction via AI Agent Tool Invocation); ATLAS mitigations: AML.M0029 (Human In-the-Loop for AI Agent Actions), AML.M0026 (Privileged AI Agent",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-08",
     "name": "Make high-impact actions transactional, atomic, idempotent, state-checked",
     "requirement_id": "AML.M0019",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-10",
     "name": "Enable end-user responsibility and guard against automation bias",
     "requirement_id": "ATLAS mitigation: AML.M0018 (User Training)",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-10",
     "name": "Enable end-user responsibility and guard against automation bias",
     "requirement_id": "AML.M0020",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-10",
     "name": "Enable end-user responsibility and guard against automation bias",
     "requirement_id": "AML.M0029",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-10",
     "name": "Enable end-user responsibility and guard against automation bias",
     "requirement_id": "AML.M0030",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-10",
     "name": "Enable end-user responsibility and guard against automation bias",
     "requirement_id": "AML.M0018",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "RT-01",
     "name": "Capture OS-level telemetry of what the agent actually does",
     "requirement_id": "ATLAS mitigation: AML.M0024 (AI Telemetry Logging)",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "RT-01",
     "name": "Capture OS-level telemetry of what the agent actually does",
     "requirement_id": "AML.M0024",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "RT-02",
     "name": "Detect direct and indirect prompt injection at every input and output",
     "requirement_id": "AML.T0051 (LLM Prompt Injection); ATLAS mitigations: AML.M0015 (Adversarial Input Detection), AML.M0020 (Generative AI Guardrails)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-02",
     "name": "Detect direct and indirect prompt injection at every input and output",
     "requirement_id": "AML.M0015",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "RT-03",
     "name": "Supervise the agent's reasoning and check it matches its actions",
     "requirement_id": "AML.M0024",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "RT-03",
     "name": "Supervise the agent's reasoning and check it matches its actions",
     "requirement_id": "AML.M0020",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "RT-03",
     "name": "Supervise the agent's reasoning and check it matches its actions",
     "requirement_id": "AML.M0029",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "RT-03",
     "name": "Supervise the agent's reasoning and check it matches its actions",
     "requirement_id": "AML.M0030",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "RT-04",
     "name": "Detect anomalies and trigger pause, kill switch, or containment",
     "requirement_id": "AML.M0024",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "RT-05",
     "name": "Apply data-loss prevention to agent egress and interactions",
     "requirement_id": "AML.T0057 (LLM Data Leakage); AML.T0024 (Exfiltration via AI Inference API); AML.T0086 (Exfiltration via AI Agent Tool Invocation)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-05",
     "name": "Apply data-loss prevention to agent egress and interactions",
     "requirement_id": "AML.M0020",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "RT-06",
     "name": "Map AI-native threats, extend ATT&CK/ATLAS to agentic orchestration",
     "requirement_id": "AML.T0053 (AI Agent Tool Invocation); AML.T0070 (RAG Poisoning); AML.T0080 (AI Agent Context Poisoning); AML.T0086 (Exfiltration via AI Agent Tool Invocation); ",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-07",
     "name": "Detect multi-agent collusion and covert channels",
     "requirement_id": "ATLAS mitigation: AML.M0024 (AI Telemetry Logging)",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "RT-07",
     "name": "Detect multi-agent collusion and covert channels",
     "requirement_id": "AML.M0024",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "RT-08",
     "name": "Monitor latent and representation-level signals, not just visible reasoning",
     "requirement_id": "AML.M0024",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "AS-01",
     "name": "Adversarially red-team and evaluate the agent before launch",
     "requirement_id": "AML.M0008",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "AS-02",
     "name": "Statically analyze agent skills and manifests in CI",
     "requirement_id": "AML.M0023",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "AS-02",
     "name": "Statically analyze agent skills and manifests in CI",
     "requirement_id": "AML.M0014",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "AS-03",
     "name": "Gate releases on continuous adversarial validation",
     "requirement_id": "AML.M0008",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "AS-05",
     "name": "Study frontier offensive capability before public release",
     "requirement_id": "AML.M0008",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "AS-06",
     "name": "Verify model-weights and training-data provenance before load",
     "requirement_id": "AML.M0023",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "AS-06",
     "name": "Verify model-weights and training-data provenance before load",
     "requirement_id": "AML.M0014",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "AS-07",
     "name": "Verify a skill does what it declares (behavioral integrity)",
     "requirement_id": "AML.M0023",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "AS-07",
     "name": "Verify a skill does what it declares (behavioral integrity)",
     "requirement_id": "AML.M0014",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "LI-01",
     "name": "Unique Model Identity and Content-Addressed Version Hash",
     "requirement_id": "AML.T0044",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "LI-01",
     "name": "Unique Model Identity and Content-Addressed Version Hash",
     "requirement_id": "AML.M0023",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "LI-01",
     "name": "Unique Model Identity and Content-Addressed Version Hash",
     "requirement_id": "AML.M0014",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "LI-02",
     "name": "Model Provenance Chain — Base Model, Fine-Tune, Merge, and Adapter Lineage",
     "requirement_id": "AML.T0018",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "LI-02",
     "name": "Model Provenance Chain — Base Model, Fine-Tune, Merge, and Adapter Lineage",
     "requirement_id": "AML.M0023",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "LI-02",
     "name": "Model Provenance Chain — Base Model, Fine-Tune, Merge, and Adapter Lineage",
     "requirement_id": "AML.M0014",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "LI-03",
     "name": "Supply Chain Integrity — Third-Party Model Verification and Cryptographic...",
     "requirement_id": "AML.T0010",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "LI-03",
     "name": "Supply Chain Integrity — Third-Party Model Verification and Cryptographic...",
     "requirement_id": "AML.M0023",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "LI-03",
     "name": "Supply Chain Integrity — Third-Party Model Verification and Cryptographic...",
     "requirement_id": "AML.M0014",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "LI-04",
     "name": "Structured Model Documentation — Complete Model Card with All Required Sections",
     "requirement_id": "AML.T0044",
     "fit": "adjacent"
    },
    {
     "domain": "model",
     "control": "LI-05",
     "name": "Training Data Lineage Pointer — Link from Model Registry to TG-Layer Dataset...",
     "requirement_id": "AML.T0020",
     "fit": "adjacent"
    },
    {
     "domain": "model",
     "control": "LI-05",
     "name": "Training Data Lineage Pointer — Link from Model Registry to TG-Layer Dataset...",
     "requirement_id": "AML.M0023",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "LI-05",
     "name": "Training Data Lineage Pointer — Link from Model Registry to TG-Layer Dataset...",
     "requirement_id": "AML.M0014",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "LI-06",
     "name": "Immutable Version Control with Tested Rollback and Emergency Disable",
     "requirement_id": "AML.T0044",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "LI-09",
     "name": "Material-Change Determination and Authorization Gate",
     "requirement_id": "AML.M0008",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "TG-01",
     "name": "Training Data Quality Gates",
     "requirement_id": "AML.T0020",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-01",
     "name": "Training Data Quality Gates",
     "requirement_id": "AML.M0007",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "TG-02",
     "name": "Bias and Representativeness Assessment",
     "requirement_id": "AML.T0020",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-02",
     "name": "Bias and Representativeness Assessment",
     "requirement_id": "AML.M0007",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "TG-02",
     "name": "Bias and Representativeness Assessment",
     "requirement_id": "AML.M0008",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "TG-03",
     "name": "Data Rights, Lawful Authority and Permitted Use",
     "requirement_id": "AML.T0018",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-04",
     "name": "Data Poisoning Prevention",
     "requirement_id": "AML.T0020",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-04",
     "name": "Data Poisoning Prevention",
     "requirement_id": "AML.M0007",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "TG-05",
     "name": "Train/Evaluation/Test Separation and Contamination Prevention",
     "requirement_id": "AML.T0020",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-06",
     "name": "Sensitive-Data Necessity, Minimization and Controlled Use",
     "requirement_id": "AML.T0024",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-07",
     "name": "Third-Party Dataset Governance",
     "requirement_id": "AML.T0018",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-07",
     "name": "Third-Party Dataset Governance",
     "requirement_id": "AML.M0023",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "TG-07",
     "name": "Third-Party Dataset Governance",
     "requirement_id": "AML.M0014",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "TG-08",
     "name": "Dataset Retention, Deletion and Lifecycle",
     "requirement_id": "AML.T0024",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "EV-01",
     "name": "Pre-Deployment Evaluation Gate",
     "requirement_id": "AML.T0043",
     "fit": "adjacent"
    },
    {
     "domain": "model",
     "control": "EV-01",
     "name": "Pre-Deployment Evaluation Gate",
     "requirement_id": "AML.M0008",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "EV-02",
     "name": "Fitness, Safety, Reliability and Policy-Conformance Evaluation",
     "requirement_id": "AML.T0043",
     "fit": "adjacent"
    },
    {
     "domain": "model",
     "control": "EV-02",
     "name": "Fitness, Safety, Reliability and Policy-Conformance Evaluation",
     "requirement_id": "AML.M0008",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "EV-03",
     "name": "Dangerous Capability Threshold Assessment",
     "requirement_id": "AML.T0043",
     "fit": "adjacent"
    },
    {
     "domain": "model",
     "control": "EV-04",
     "name": "Adversarial Red-Team Testing",
     "requirement_id": "AML.T0051",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-04",
     "name": "Adversarial Red-Team Testing",
     "requirement_id": "AML.M0008",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "EV-05",
     "name": "Fairness and Bias Evaluation",
     "requirement_id": "AML.M0008",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "EV-07",
     "name": "Regression Testing on Updates",
     "requirement_id": "AML.T0043",
     "fit": "adjacent"
    },
    {
     "domain": "model",
     "control": "EV-07",
     "name": "Regression Testing on Updates",
     "requirement_id": "AML.M0008",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "OA-02",
     "name": "Meaningful Human Oversight for High-Stakes Decisions",
     "requirement_id": "AML.M0020",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "OA-02",
     "name": "Meaningful Human Oversight for High-Stakes Decisions",
     "requirement_id": "AML.M0029",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "OA-02",
     "name": "Meaningful Human Oversight for High-Stakes Decisions",
     "requirement_id": "AML.M0030",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "OA-04",
     "name": "Delegated Autonomy Tier Governance",
     "requirement_id": "AML.M0028",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "OA-04",
     "name": "Delegated Autonomy Tier Governance",
     "requirement_id": "AML.M0026",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "OA-04",
     "name": "Delegated Autonomy Tier Governance",
     "requirement_id": "AML.M0027",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "OA-06",
     "name": "Third-Party Model and Vendor Risk Oversight",
     "requirement_id": "AML.T0010",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-06",
     "name": "Third-Party Model and Vendor Risk Oversight",
     "requirement_id": "AML.M0023",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "OA-06",
     "name": "Third-Party Model and Vendor Risk Oversight",
     "requirement_id": "AML.M0014",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "BH-01",
     "name": "Output Anomaly Detection",
     "requirement_id": "AML.M0024",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "BH-02",
     "name": "Concept and Data Drift Detection",
     "requirement_id": "AML.M0008",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "BH-03",
     "name": "Production Performance Degradation Alerting",
     "requirement_id": "AML.M0008",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "BH-04",
     "name": "Behavioral Boundary Performance Testing",
     "requirement_id": "AML.M0008",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "BH-05",
     "name": "Usage Telemetry and Decision Logging",
     "requirement_id": "AML.M0024",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "BH-06",
     "name": "Injection-Resistance Evaluation in Production",
     "requirement_id": "AML.M0015",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "BH-07",
     "name": "Resource and Cost Anomaly Monitoring",
     "requirement_id": "AML.M0004",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "BH-07",
     "name": "Resource and Cost Anomaly Monitoring",
     "requirement_id": "AML.M0024",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "CR-01",
     "name": "Continuous Production Monitoring and Risk Aggregation",
     "requirement_id": "AML.M0024",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "CR-03",
     "name": "Scheduled Model Re-validation",
     "requirement_id": "AML.M0008",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "CR-06",
     "name": "Post-Market Surveillance",
     "requirement_id": "AML.M0024",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "EV-13",
     "name": "Training-Data Memorization and Regurgitation Testing",
     "requirement_id": "AML.M0020",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DG-02",
     "name": "Data Processor Agreements",
     "requirement_id": "AML.M0023",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DG-02",
     "name": "Data Processor Agreements",
     "requirement_id": "AML.M0014",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DP-04",
     "name": "Inference Scope Limitation",
     "requirement_id": "AML.M0020",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DP-05",
     "name": "Output PII Scrubbing",
     "requirement_id": "AML.M0020",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PM-01",
     "name": "Privacy Incident Detection",
     "requirement_id": "AML.M0024",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PM-02",
     "name": "Cross-Context Inference Monitoring",
     "requirement_id": "AML.M0020",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PM-05",
     "name": "Inference Log Monitoring",
     "requirement_id": "AML.M0024",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PM-07",
     "name": "Third-Party Privacy Monitoring",
     "requirement_id": "AML.M0023",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PM-07",
     "name": "Third-Party Privacy Monitoring",
     "requirement_id": "AML.M0014",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AA-01",
     "name": "Agent Identity Presentation at Tool Invocation",
     "requirement_id": "AML.T0012",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AA-03",
     "name": "mTLS and Certificate-Based Agent Authentication",
     "requirement_id": "AML.T0040 — AI Model Inference API Access",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AA-06",
     "name": "Cross-System Authentication Chaining",
     "requirement_id": "AML.T0012",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AA-07",
     "name": "Authentication Failure Monitoring and Alerting",
     "requirement_id": "AML.T0012",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-01",
     "name": "Authorized Action Scope Manifest",
     "requirement_id": "AML.M0015 — Adversarial Input Detection",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-01",
     "name": "Authorized Action Scope Manifest",
     "requirement_id": "AML.M0028",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AB-01",
     "name": "Authorized Action Scope Manifest",
     "requirement_id": "AML.M0026",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AB-01",
     "name": "Authorized Action Scope Manifest",
     "requirement_id": "AML.M0027",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AB-02",
     "name": "Tool-Call Authorization Policy",
     "requirement_id": "AML.M0028",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AB-02",
     "name": "Tool-Call Authorization Policy",
     "requirement_id": "AML.M0026",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AB-02",
     "name": "Tool-Call Authorization Policy",
     "requirement_id": "AML.M0027",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AB-04",
     "name": "Output Policy Enforcement",
     "requirement_id": "AML.M0020",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AB-04",
     "name": "Output Policy Enforcement",
     "requirement_id": "AML.M0002",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AB-05",
     "name": "Prompt Injection Detection and Defense",
     "requirement_id": "AML.T0051 — LLM Prompt Injection",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-05",
     "name": "Prompt Injection Detection and Defense",
     "requirement_id": "AML.M0015",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AB-06",
     "name": "Rate Limiting and Resource Budget Enforcement",
     "requirement_id": "AML.M0004",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AB-07",
     "name": "Behavioral Drift Monitoring",
     "requirement_id": "AML.T0018 — Backdoor ML Model",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AB-07",
     "name": "Behavioral Drift Monitoring",
     "requirement_id": "AML.M0024",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AT-01",
     "name": "Tool and Plugin Registry",
     "requirement_id": "AML.T0010 — AI Supply Chain Compromise",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AT-02",
     "name": "Tool Permission Scoping",
     "requirement_id": "AML.M0028",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AT-02",
     "name": "Tool Permission Scoping",
     "requirement_id": "AML.M0026",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AT-02",
     "name": "Tool Permission Scoping",
     "requirement_id": "AML.M0027",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AT-03",
     "name": "Tool Input Validation and Schema Enforcement",
     "requirement_id": "AML.T0051 – LLM Prompt Injection",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-03",
     "name": "Tool Input Validation and Schema Enforcement",
     "requirement_id": "AML.M0015",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AT-04",
     "name": "Tool Output Sanitization and Integrity Verification",
     "requirement_id": "AML.T0051 — LLM Prompt Injection",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-04",
     "name": "Tool Output Sanitization and Integrity Verification",
     "requirement_id": "AML.M0015",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AT-05",
     "name": "Dangerous and Irreversible Tool Access Controls",
     "requirement_id": "AML.M0028",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AT-05",
     "name": "Dangerous and Irreversible Tool Access Controls",
     "requirement_id": "AML.M0026",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AT-05",
     "name": "Dangerous and Irreversible Tool Access Controls",
     "requirement_id": "AML.M0027",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AT-06",
     "name": "Third-Party Plugin Vetting and Sandboxing",
     "requirement_id": "AML.T0010 — AI Supply Chain Compromise",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AO-02",
     "name": "Sub-Agent Authorization and Capability Delegation",
     "requirement_id": "AML.M0028",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AO-02",
     "name": "Sub-Agent Authorization and Capability Delegation",
     "requirement_id": "AML.M0026",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AO-02",
     "name": "Sub-Agent Authorization and Capability Delegation",
     "requirement_id": "AML.M0027",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AO-03",
     "name": "Orchestration Message Integrity",
     "requirement_id": "AML.T0051",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AO-04",
     "name": "Human-in-the-Loop Gates for High-Consequence Orchestrations",
     "requirement_id": "AML.M0020",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AO-04",
     "name": "Human-in-the-Loop Gates for High-Consequence Orchestrations",
     "requirement_id": "AML.M0029",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AO-04",
     "name": "Human-in-the-Loop Gates for High-Consequence Orchestrations",
     "requirement_id": "AML.M0030",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AM-01",
     "name": "Behavioral Telemetry Collection Baseline",
     "requirement_id": "AML.M0024",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AM-02",
     "name": "Anomalous Action Detection",
     "requirement_id": "AML.T0051",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-02",
     "name": "Anomalous Action Detection",
     "requirement_id": "AML.M0024",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AM-05",
     "name": "Multi-Agent Communication Monitoring",
     "requirement_id": "AML.T0051 — LLM Prompt Injection",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-07",
     "name": "Real-Time Alerting and Automated Agent Suspension",
     "requirement_id": "AML.M0024",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AG-05",
     "name": "Agent Incident Response Program",
     "requirement_id": "ATLAS tactics and techniques (framework-wide)",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-09",
     "name": "Comprehensive Input Validation and Multimodal Screening",
     "requirement_id": "AML.M0015",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AB-09",
     "name": "Comprehensive Input Validation and Multimodal Screening",
     "requirement_id": "AML.M0010",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AB-09",
     "name": "Comprehensive Input Validation and Multimodal Screening",
     "requirement_id": "AML.M0009",
     "fit": "supporting"
    },
    {
     "domain": "ethics",
     "control": "EF-06",
     "name": "Ethics-by-Design Integration in Development Lifecycle",
     "requirement_id": "AML.M0021",
     "fit": "supporting"
    },
    {
     "domain": "ethics",
     "control": "EF-06",
     "name": "Ethics-by-Design Integration in Development Lifecycle",
     "requirement_id": "AML.M0022",
     "fit": "supporting"
    },
    {
     "domain": "ethics",
     "control": "FA-02",
     "name": "Algorithmic Bias Impact Assessment",
     "requirement_id": "AML.M0008",
     "fit": "supporting"
    },
    {
     "domain": "ethics",
     "control": "FA-04",
     "name": "Independent Bias Testing Methodology",
     "requirement_id": "AML.M0008",
     "fit": "supporting"
    },
    {
     "domain": "ethics",
     "control": "FA-06",
     "name": "Disparate Impact Analysis",
     "requirement_id": "AML.M0008",
     "fit": "supporting"
    },
    {
     "domain": "ethics",
     "control": "HI-04",
     "name": "Human Oversight and Override Mechanisms",
     "requirement_id": "AML.M0020",
     "fit": "supporting"
    },
    {
     "domain": "ethics",
     "control": "HI-04",
     "name": "Human Oversight and Override Mechanisms",
     "requirement_id": "AML.M0029",
     "fit": "supporting"
    },
    {
     "domain": "ethics",
     "control": "HI-04",
     "name": "Human Oversight and Override Mechanisms",
     "requirement_id": "AML.M0030",
     "fit": "supporting"
    },
    {
     "domain": "ethics",
     "control": "FM-03",
     "name": "Statistical Parity and Equalized Odds Monitoring",
     "requirement_id": "AML.M0008",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DI-01",
     "name": "Data Integrity Baseline and Checksum Monitoring",
     "requirement_id": "AML.M0007",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DI-03",
     "name": "Cross-System Data Consistency Validation",
     "requirement_id": "AML.M0007",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DI-06",
     "name": "Model Memorization Risk Assessment and Output Leakage Prevention",
     "requirement_id": "AML.M0020",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DM-05",
     "name": "Data Quality Standards and Target Setting",
     "requirement_id": "AML.M0007",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DL-01",
     "name": "End-to-End Data Lineage Tracking",
     "requirement_id": "AML.M0023",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DL-01",
     "name": "End-to-End Data Lineage Tracking",
     "requirement_id": "AML.M0014",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DL-02",
     "name": "Training Data Lineage Documentation",
     "requirement_id": "AML.M0023",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DL-02",
     "name": "Training Data Lineage Documentation",
     "requirement_id": "AML.M0014",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DL-04",
     "name": "Transformation and Enrichment Lineage",
     "requirement_id": "AML.M0023",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DL-04",
     "name": "Transformation and Enrichment Lineage",
     "requirement_id": "AML.M0014",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DA-01",
     "name": "AI Data Access Authorization Framework",
     "requirement_id": "AML.M0001",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DA-01",
     "name": "AI Data Access Authorization Framework",
     "requirement_id": "AML.M0000",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DV-01",
     "name": "Schema Validation for AI Inputs",
     "requirement_id": "AML.M0007",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DV-02",
     "name": "Data Quality Gate Enforcement",
     "requirement_id": "AML.M0007",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DV-03",
     "name": "Statistical Distribution Validation",
     "requirement_id": "AML.M0007",
     "fit": "supporting"
    }
   ],
   "source_refs": [
    {
     "domain": "security",
     "control": "EC-07",
     "name": "Trust-rank retrieved content before it enters the agent's context",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-08",
     "name": "Enforce an instruction hierarchy so tool output cannot give the agent orders",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "RT-06",
     "name": "Map AI-native threats, extend ATT&CK/ATLAS to agentic orchestration",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-02",
     "name": "Model Provenance Chain — Base Model, Fine-Tune, Merge, and Adapter Lineage",
     "relationship": "informative_reference"
    },
    {
     "domain": "model",
     "control": "LI-03",
     "name": "Supply Chain Integrity — Third-Party Model Verification and Cryptographic...",
     "relationship": "informative_reference"
    },
    {
     "domain": "model",
     "control": "TG-04",
     "name": "Data Poisoning Prevention",
     "relationship": "informative_reference"
    },
    {
     "domain": "model",
     "control": "TG-07",
     "name": "Third-Party Dataset Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "model",
     "control": "EV-04",
     "name": "Adversarial Red-Team Testing",
     "relationship": "informative_reference"
    },
    {
     "domain": "model",
     "control": "OA-06",
     "name": "Third-Party Model and Vendor Risk Oversight",
     "relationship": "informative_reference"
    },
    {
     "domain": "model",
     "control": "BH-01",
     "name": "Output Anomaly Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "model",
     "control": "BH-02",
     "name": "Concept and Data Drift Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "model",
     "control": "BH-04",
     "name": "Behavioral Boundary Performance Testing",
     "relationship": "informative_reference"
    },
    {
     "domain": "model",
     "control": "BH-05",
     "name": "Usage Telemetry and Decision Logging",
     "relationship": "informative_reference"
    },
    {
     "domain": "model",
     "control": "BH-06",
     "name": "Injection-Resistance Evaluation in Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "model",
     "control": "BH-07",
     "name": "Resource and Cost Anomaly Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "model",
     "control": "BH-10",
     "name": "Feedback Loop Integrity and Online Learning Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "model",
     "control": "CR-04",
     "name": "AI Incident Response Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-01",
     "name": "Authorized Action Scope Manifest",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "security": 87,
    "model": 60,
    "privacy": 9,
    "agentic": 46,
    "ethics": 9,
    "data": 15
   },
   "title": "MITRE ATLAS",
   "total": 244
  },
  {
   "source_id": "nist_ai_rmf",
   "framework_refs": [
    {
     "domain": "security",
     "control": "IA-01",
     "name": "Give every agent its own distinct identity, never a shared or human login",
     "requirement_id": "AI RMF: Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "requirement_id": "AI RMF: Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "IA-03",
     "name": "Act on the user's behalf with explicit approval for sensitive steps",
     "requirement_id": "AI RMF: Govern, Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "IA-04",
     "name": "Check permission continuously at run time, not just once at login",
     "requirement_id": "AI RMF: Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "IA-05",
     "name": "Find and inventory every agent, surface the shadow ones",
     "requirement_id": "AI RMF: Map",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "IA-06",
     "name": "Bind a signed, end-to-end provenance chain to every agent action",
     "requirement_id": "AI RMF: Govern, Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-01",
     "name": "Run the agent in a sandbox, from process isolation up to micro-VMs",
     "requirement_id": "AI RMF: Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-02",
     "name": "Filter the agent's outbound network traffic",
     "requirement_id": "AI RMF: Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-03",
     "name": "Keep memory short-lived, and validate anything written to it",
     "requirement_id": "AI RMF: Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-04",
     "name": "Limit filesystem and tool access to the bare minimum",
     "requirement_id": "AI RMF: Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-05",
     "name": "Cap spend and resource use, stop denial-of-wallet",
     "requirement_id": "AI RMF: Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-06",
     "name": "Contain runaway loops and over-reach (least-agency)",
     "requirement_id": "AI RMF: Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-07",
     "name": "Trust-rank retrieved content before it enters the agent's context",
     "requirement_id": "AI RMF: Map, Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-08",
     "name": "Keep secrets out of the prompt and context",
     "requirement_id": "AI RMF: Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-09",
     "name": "Treat the workspace and its config and hooks as untrusted",
     "requirement_id": "AI RMF: Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-10",
     "name": "Verify trigger provenance and admit autonomous runs",
     "requirement_id": "AI RMF: Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "PT-01",
     "name": "Authenticate and sign agent-to-agent communication",
     "requirement_id": "AI RMF: Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "requirement_id": "AI RMF: Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "PT-03",
     "name": "Verify skill/tool manifest integrity and sign the supply chain",
     "requirement_id": "AI RMF: Map, Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "PT-04",
     "name": "Validate tool input/output, treat tool results as untrusted",
     "requirement_id": "AI RMF: Measure, Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "PT-05",
     "name": "Encode and validate the agent's own output before it reaches other systems",
     "requirement_id": "AI RMF: Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "PT-06",
     "name": "Sanitize model-generated tool parameters, not just the schema",
     "requirement_id": "AI RMF: Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "PT-07",
     "name": "Verify tool descriptions for hidden instructions (description injection)",
     "requirement_id": "AI RMF: Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "PT-08",
     "name": "Enforce an instruction hierarchy so tool output cannot give the agent orders",
     "requirement_id": "AI RMF: Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-01",
     "name": "Require a human hard-stop for irreversible actions",
     "requirement_id": "AI RMF: Govern",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-02",
     "name": "Keep an immutable, tamper-evident audit trail of what the agent did",
     "requirement_id": "AI RMF: Govern, Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-03",
     "name": "Define multi-agent authority and conflict resolution explicitly",
     "requirement_id": "AI RMF: Govern, Map",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-04",
     "name": "Enforce policy as code at run time, in the request path",
     "requirement_id": "AI RMF: Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-05",
     "name": "Run an AI management system and tier agents by their autonomy",
     "requirement_id": "AI RMF: Govern; AI 600-1; COSAiS overlays (forthcoming)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-06",
     "name": "Cap the rate and volume of irreversible actions",
     "requirement_id": "AI RMF: Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-07",
     "name": "Protect humans from being deceived by an agent",
     "requirement_id": "AI RMF: Govern, Measure",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-08",
     "name": "Make high-impact actions transactional, atomic, idempotent, state-checked",
     "requirement_id": "AI RMF: Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-09",
     "name": "Anchor a named business owner to every agent (accountability)",
     "requirement_id": "AI RMF: Govern",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-10",
     "name": "Enable end-user responsibility and guard against automation bias",
     "requirement_id": "AI RMF: Govern",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-11",
     "name": "Plan recovery and compensation for actions the agent already committed",
     "requirement_id": "AI RMF: Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "RT-01",
     "name": "Capture OS-level telemetry of what the agent actually does",
     "requirement_id": "AI RMF: Measure",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "RT-02",
     "name": "Detect direct and indirect prompt injection at every input and output",
     "requirement_id": "AI RMF: Measure, Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "RT-03",
     "name": "Supervise the agent's reasoning and check it matches its actions",
     "requirement_id": "AI RMF: Measure, Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "RT-04",
     "name": "Detect anomalies and trigger pause, kill switch, or containment",
     "requirement_id": "AI RMF: Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "RT-05",
     "name": "Apply data-loss prevention to agent egress and interactions",
     "requirement_id": "AI RMF: Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "RT-06",
     "name": "Map AI-native threats, extend ATT&CK/ATLAS to agentic orchestration",
     "requirement_id": "AI RMF: Map, Measure",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "RT-07",
     "name": "Detect multi-agent collusion and covert channels",
     "requirement_id": "AI RMF: Measure",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "RT-08",
     "name": "Monitor latent and representation-level signals, not just visible reasoning",
     "requirement_id": "AI RMF: Measure",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "AS-01",
     "name": "Adversarially red-team and evaluate the agent before launch",
     "requirement_id": "AI RMF: Measure",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "AS-02",
     "name": "Statically analyze agent skills and manifests in CI",
     "requirement_id": "AI RMF: Map, Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "AS-03",
     "name": "Gate releases on continuous adversarial validation",
     "requirement_id": "AI RMF: Measure, Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "AS-04",
     "name": "Run a bug-bounty / vulnerability reward program for agentic abuse",
     "requirement_id": "AI RMF: Measure",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "AS-05",
     "name": "Study frontier offensive capability before public release",
     "requirement_id": "AI RMF: Map, Measure",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "AS-06",
     "name": "Verify model-weights and training-data provenance before load",
     "requirement_id": "AI RMF: Map, Manage",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "AS-07",
     "name": "Verify a skill does what it declares (behavioral integrity)",
     "requirement_id": "AI RMF: Map, Measure",
     "fit": "adjacent"
    },
    {
     "domain": "model",
     "control": "LI-01",
     "name": "Unique Model Identity and Content-Addressed Version Hash",
     "requirement_id": "GOVERN-1.2",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "LI-02",
     "name": "Model Provenance Chain — Base Model, Fine-Tune, Merge, and Adapter Lineage",
     "requirement_id": "MAP-4.2",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "LI-03",
     "name": "Supply Chain Integrity — Third-Party Model Verification and Cryptographic...",
     "requirement_id": "GOVERN-6.1",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "LI-04",
     "name": "Structured Model Documentation — Complete Model Card with All Required Sections",
     "requirement_id": "GOVERN-4.2",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "LI-05",
     "name": "Training Data Lineage Pointer — Link from Model Registry to TG-Layer Dataset...",
     "requirement_id": "MAP-2.3",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "LI-06",
     "name": "Immutable Version Control with Tested Rollback and Emergency Disable",
     "requirement_id": "MANAGE-2.4",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "LI-07",
     "name": "Capability and Limitation Declaration — Intended Use, Constraints,...",
     "requirement_id": "MAP-2.2",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "LI-08",
     "name": "License and IP Governance — Dataset License Tracking, Derivative Work...",
     "requirement_id": "GOVERN-1.1",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "LI-09",
     "name": "Material-Change Determination and Authorization Gate",
     "requirement_id": "MANAGE-4.1",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "LI-10",
     "name": "Model Retirement and Archive Policy — End-of-Life Procedure, Evidence...",
     "requirement_id": "GOVERN-1.7",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-01",
     "name": "Training Data Quality Gates",
     "requirement_id": "MAP-2.3",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-02",
     "name": "Bias and Representativeness Assessment",
     "requirement_id": "MEASURE-2.11",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-03",
     "name": "Data Rights, Lawful Authority and Permitted Use",
     "requirement_id": "GOVERN-1.1",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-04",
     "name": "Data Poisoning Prevention",
     "requirement_id": "MEASURE-2.7",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-05",
     "name": "Train/Evaluation/Test Separation and Contamination Prevention",
     "requirement_id": "MAP-2.3",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-06",
     "name": "Sensitive-Data Necessity, Minimization and Controlled Use",
     "requirement_id": "MEASURE-2.10",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-07",
     "name": "Third-Party Dataset Governance",
     "requirement_id": "GOVERN-6.1",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-08",
     "name": "Dataset Retention, Deletion and Lifecycle",
     "requirement_id": "GOVERN-1.1",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-01",
     "name": "Pre-Deployment Evaluation Gate",
     "requirement_id": "MANAGE-1.1",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-02",
     "name": "Fitness, Safety, Reliability and Policy-Conformance Evaluation",
     "requirement_id": "MEASURE-2.3",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-03",
     "name": "Dangerous Capability Threshold Assessment",
     "requirement_id": "MEASURE-2.6",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-04",
     "name": "Adversarial Red-Team Testing",
     "requirement_id": "MEASURE-2.7",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-05",
     "name": "Fairness and Bias Evaluation",
     "requirement_id": "MEASURE-2.11",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-06",
     "name": "Reproducible Evaluation Design",
     "requirement_id": "MEASURE-2.1",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-07",
     "name": "Regression Testing on Updates",
     "requirement_id": "MANAGE-2.4",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-08",
     "name": "Independent Validation",
     "requirement_id": "GOVERN-2.1",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-09",
     "name": "Risk and Applicability Classification",
     "requirement_id": "MAP-1.5",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-10",
     "name": "Evaluation Result Provenance",
     "requirement_id": "MEASURE-2.1",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-01",
     "name": "Model Ownership Assignment",
     "requirement_id": "GOVERN-2.1",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-02",
     "name": "Meaningful Human Oversight for High-Stakes Decisions",
     "requirement_id": "GOVERN-3.2",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-03",
     "name": "AI Model Governance Committee",
     "requirement_id": "GOVERN-2.3",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-04",
     "name": "Delegated Autonomy Tier Governance",
     "requirement_id": "GOVERN-1.3",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-05",
     "name": "Regulatory and Legal Review Sign-Off",
     "requirement_id": "GOVERN-1.1",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-06",
     "name": "Third-Party Model and Vendor Risk Oversight",
     "requirement_id": "GOVERN-6.1",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-07",
     "name": "Incident Escalation Authority Chain",
     "requirement_id": "MANAGE-2.4",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-08",
     "name": "Notice, Explanation Support, Human Review and Contestability",
     "requirement_id": "MANAGE-4.1",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-01",
     "name": "Output Anomaly Detection",
     "requirement_id": "MEASURE-2.4",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-02",
     "name": "Concept and Data Drift Detection",
     "requirement_id": "MEASURE-2.4",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-03",
     "name": "Production Performance Degradation Alerting",
     "requirement_id": "MEASURE-2.4",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-04",
     "name": "Behavioral Boundary Performance Testing",
     "requirement_id": "MEASURE-2.7",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-05",
     "name": "Usage Telemetry and Decision Logging",
     "requirement_id": "GOVERN-1.2",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-06",
     "name": "Injection-Resistance Evaluation in Production",
     "requirement_id": "MEASURE-2.7",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-07",
     "name": "Resource and Cost Anomaly Monitoring",
     "requirement_id": "MANAGE-2.4",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-08",
     "name": "Shadow and Canary Deployment Governance",
     "requirement_id": "MANAGE-1.1",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-09",
     "name": "Synthetic-Content Provenance, Disclosure and Traceability",
     "requirement_id": "GOVERN-1.2",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-10",
     "name": "Feedback Loop Integrity and Online Learning Governance",
     "requirement_id": "MANAGE-4.1",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-01",
     "name": "Continuous Production Monitoring and Risk Aggregation",
     "requirement_id": "MEASURE-2.4",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-02",
     "name": "Model Evidence Archive and Audit Trail",
     "requirement_id": "GOVERN-1.4",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-03",
     "name": "Scheduled Model Re-validation",
     "requirement_id": "MEASURE-2.6",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-04",
     "name": "AI Incident Response Management",
     "requirement_id": "MANAGE-4.1",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-05",
     "name": "Regulatory Notification and Statutory Reporting",
     "requirement_id": "GOVERN-4.3",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-06",
     "name": "Post-Market Surveillance",
     "requirement_id": "MEASURE-2.4",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-07",
     "name": "Model Retirement and Evidence Archival",
     "requirement_id": "GOVERN-1.7",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-08",
     "name": "Cross-Domain Assurance Coordination",
     "requirement_id": "GOVERN-1.4",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "NI-09",
     "name": "Non-Human Identity Layer Evidence Package",
     "requirement_id": "GOVERN 1.5",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "DE-09",
     "name": "Delegation Layer Evidence Package",
     "requirement_id": "GOVERN 1.5",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IF-09",
     "name": "Identity Federation Layer Evidence Package",
     "requirement_id": "GOVERN 1.5",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IM-09",
     "name": "Identity Monitoring Layer Evidence Package",
     "requirement_id": "GOVERN 1.5",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AA-01",
     "name": "Agent Identity Presentation at Tool Invocation",
     "requirement_id": "GOVERN 4.2",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AA-02",
     "name": "API Key and Bearer Token Lifecycle Management",
     "requirement_id": "MANAGE 2.4",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AA-03",
     "name": "mTLS and Certificate-Based Agent Authentication",
     "requirement_id": "MEASURE 2.5",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AA-04",
     "name": "Workload Identity for Agent Processes",
     "requirement_id": "GOVERN 1.2",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AA-05",
     "name": "Session Token Binding and Anti-Replay Controls",
     "requirement_id": "MANAGE 1.2",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AA-06",
     "name": "Cross-System Authentication Chaining",
     "requirement_id": "MANAGE 3.1",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AA-07",
     "name": "Authentication Failure Monitoring and Alerting",
     "requirement_id": "MEASURE 2.4",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AA-08",
     "name": "Agent Authentication Evidence Package",
     "requirement_id": "GOVERN 4.2",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-01",
     "name": "Authorized Action Scope Manifest",
     "requirement_id": "GOVERN 1.2",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-02",
     "name": "Tool-Call Authorization Policy",
     "requirement_id": "GOVERN 3.2",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-03",
     "name": "Action Reversibility Classification and Gates",
     "requirement_id": "MANAGE 4.1",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-06",
     "name": "Rate Limiting and Resource Budget Enforcement",
     "requirement_id": "MANAGE 2.4",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-07",
     "name": "Behavioral Drift Monitoring",
     "requirement_id": "MANAGE 4.1 — Monitoring and Review",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-08",
     "name": "BehavioralAttestation Production",
     "requirement_id": "GOVERN 4.2",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-01",
     "name": "Tool and Plugin Registry",
     "requirement_id": "GOVERN 1.6",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-02",
     "name": "Tool Permission Scoping",
     "requirement_id": "MANAGE 1.3",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AT-05",
     "name": "Dangerous and Irreversible Tool Access Controls",
     "requirement_id": "GOVERN 3.2",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-06",
     "name": "Third-Party Plugin Vetting and Sandboxing",
     "requirement_id": "GOVERN 6.1",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-07",
     "name": "Tool Usage Audit Trail",
     "requirement_id": "MANAGE 4.1",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-08",
     "name": "Tool Governance Evidence Package",
     "requirement_id": "GOVERN 1.4",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AO-01",
     "name": "Multi-Agent Trust Chain Documentation",
     "requirement_id": "GOVERN 2.1",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AO-02",
     "name": "Sub-Agent Authorization and Capability Delegation",
     "requirement_id": "§3.4 — Accountable and Transparent",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-04",
     "name": "Human-in-the-Loop Gates for High-Consequence Orchestrations",
     "requirement_id": "GOVERN 3.2",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AO-05",
     "name": "Orchestration Loop and Escalation Detection",
     "requirement_id": "§3.2 — Safe",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-06",
     "name": "Cross-Organization Orchestration Trust Governance",
     "requirement_id": "GOVERN 6.1",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-07",
     "name": "Orchestration Audit Trail",
     "requirement_id": "§3.4 — Accountable and Transparent",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AO-08",
     "name": "Orchestration Governance Evidence Package",
     "requirement_id": "GOVERN 1.4",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-01",
     "name": "Behavioral Telemetry Collection Baseline",
     "requirement_id": "MANAGE 4.1",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-03",
     "name": "Goal Drift and Intent Deviation Detection",
     "requirement_id": "MEASURE 2.4",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-04",
     "name": "Resource Consumption Anomaly Monitoring",
     "requirement_id": "MANAGE 4.1",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-06",
     "name": "Monitoring Log Integrity",
     "requirement_id": "GOVERN 4.3",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AM-07",
     "name": "Real-Time Alerting and Automated Agent Suspension",
     "requirement_id": "MANAGE 4.3",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-08",
     "name": "Monitoring Coverage Evidence Package",
     "requirement_id": "GOVERN 1.5",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-09",
     "name": "Action Effect Reconciliation",
     "requirement_id": "MEASURE 2.4",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-01",
     "name": "Agentic AI Governance Structure",
     "requirement_id": "GOVERN 2.1",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-02",
     "name": "Agent Deployment Policy and Pre-Deployment Review Gate",
     "requirement_id": "MAP 5.1",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-03",
     "name": "Agentic AI Risk Assessment Framework",
     "requirement_id": "MAP 5.1",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-04",
     "name": "Senior Accountability for Autonomous AI Systems",
     "requirement_id": "GOVERN 2.3",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-05",
     "name": "Agent Incident Response Program",
     "requirement_id": "MANAGE 4.3",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-06",
     "name": "Agent Program Metrics and KPIs",
     "requirement_id": "MEASURE 1.1",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-07",
     "name": "Continuous Improvement and Lessons Learned",
     "requirement_id": "MANAGE 4.1",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AG-08",
     "name": "BehavioralAttestation Production",
     "requirement_id": "GOVERN 4.2",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EF-01",
     "name": "Ethics Principles Adoption and Operationalization",
     "requirement_id": "GOVERN 1.2, GOVERN 2.1",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EF-02",
     "name": "Values-to-Design Mapping",
     "requirement_id": "MAP 1.1, MAP 2.2",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EF-03",
     "name": "Ethical Risk Appetite Definition",
     "requirement_id": "GOVERN 1.3, GOVERN 4.1",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EF-04",
     "name": "Ethics Impact Assessment Framework",
     "requirement_id": "MAP 5.1, MEASURE 2.11",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EF-06",
     "name": "Ethics-by-Design Integration in Development Lifecycle",
     "requirement_id": "MAP 1.6, GOVERN 1.7",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EF-07",
     "name": "External Ethics Stakeholder Engagement",
     "requirement_id": "GOVERN 1.2, MAP 1.5",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-08",
     "name": "Ethics Foundations Evidence Package",
     "requirement_id": "GOVERN 4.2",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-01",
     "name": "Protected Characteristic Identification and Scope",
     "requirement_id": "MAP 1.5",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-02",
     "name": "Algorithmic Bias Impact Assessment",
     "requirement_id": "MAP 2.2",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-03",
     "name": "Fairness Metric Selection and Justification",
     "requirement_id": "MEASURE 2.11",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-04",
     "name": "Independent Bias Testing Methodology",
     "requirement_id": "MEASURE 2.11",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-05",
     "name": "NYC Local Law 144 and Analogous Audit Compliance",
     "requirement_id": "GOVERN 4.1",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-06",
     "name": "Disparate Impact Analysis",
     "requirement_id": "MEASURE 2.11",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-07",
     "name": "Bias Remediation Governance",
     "requirement_id": "MANAGE 1.3",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-08",
     "name": "Fairness and Accountability Evidence Package",
     "requirement_id": "GOVERN 4.2",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-01",
     "name": "Explainability Method Selection and Justification",
     "requirement_id": "MEASURE 2.9",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-02",
     "name": "Decision-Level Explanation Requirements",
     "requirement_id": "GOVERN 1.1",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-03",
     "name": "Explanation Fidelity and Accuracy Verification",
     "requirement_id": "MEASURE 2.9",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-04",
     "name": "Adverse Action Notice and Explanation (ECOA/Reg B, FCRA)",
     "requirement_id": "GOVERN 1.1",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-05",
     "name": "Model Card and System Card Transparency Disclosure",
     "requirement_id": "MAP 5.1",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-06",
     "name": "Technical vs. Non-Technical Explanation Tiers",
     "requirement_id": "MEASURE 2.9",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-07",
     "name": "Explanation Completeness and Coverage Auditing",
     "requirement_id": "MEASURE 4.1",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-08",
     "name": "Explainability Evidence Package",
     "requirement_id": "GOVERN 1.4",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-01",
     "name": "Fundamental Rights Impact Assessment Content Governance",
     "requirement_id": "MAP 1.5",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-03",
     "name": "Vulnerable Population Protection",
     "requirement_id": "MEASURE 2.11",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-04",
     "name": "Human Oversight and Override Mechanisms",
     "requirement_id": "GOVERN 3.2",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-05",
     "name": "Remedy and Redress Mechanisms",
     "requirement_id": "MANAGE 4.1",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-08",
     "name": "Human Interests Evidence Package",
     "requirement_id": "GOVERN 4.2",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-01",
     "name": "Production Fairness Monitoring Program",
     "requirement_id": "MEASURE 2.11",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-02",
     "name": "Disparate Outcome Threshold Governance",
     "requirement_id": "GOVERN 1.2",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-03",
     "name": "Statistical Parity and Equalized Odds Monitoring",
     "requirement_id": "MEASURE 2.11",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-04",
     "name": "Feedback Loop and Reinforcement Bias Detection",
     "requirement_id": "MEASURE 2.4",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-05",
     "name": "Fairness Incident Response Program",
     "requirement_id": "MANAGE 4.3",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-06",
     "name": "AI Performance Divergence by Demographic Group",
     "requirement_id": "MEASURE 2.3",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-07",
     "name": "Fairness Monitoring Audit Trail",
     "requirement_id": "GOVERN 4.2",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-08",
     "name": "Fairness Monitoring Evidence Package",
     "requirement_id": "MEASURE 2.11",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-01",
     "name": "Ethics Governance Structure",
     "requirement_id": "GOVERN 2.1",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-02",
     "name": "AI Ethics Policy Framework",
     "requirement_id": "GOVERN 1.2",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-03",
     "name": "Senior and Board-Level Ethics Accountability",
     "requirement_id": "GOVERN 2.1",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-04",
     "name": "Ethics Training and Capability Building",
     "requirement_id": "GOVERN 2.2",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-05",
     "name": "Third-Party AI Provider Ethics Accountability",
     "requirement_id": "GOVERN 6.1",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-06",
     "name": "Ethics Incident Response",
     "requirement_id": "MANAGE 4.3",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-07",
     "name": "Ethics Program Metrics and Effectiveness Measurement",
     "requirement_id": "MEASURE 2.1",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-08",
     "name": "EthicsAttestation Production",
     "requirement_id": "GOVERN 4.2",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PV-01",
     "name": "Operating Intent Declaration",
     "requirement_id": "GOVERN 1.2 — Trustworthy AI characteristics are integrated into organizational policies, processes, and procedures",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-02",
     "name": "Operating Intent Boundary Validation",
     "requirement_id": "MAP 1.1 — Intended purposes, context-specific laws and norms, and prospective deployment settings are understood and documented",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-03",
     "name": "Intended Purpose Alignment Review",
     "requirement_id": "GOVERN 2.3 — Executive leadership takes responsibility for decisions about risks associated with AI system development and deployment",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-04",
     "name": "Authorized Knowledge Source Registry",
     "requirement_id": "MAP 2.3 — Scientific integrity and TEVV considerations, including data provenance and relevance, are identified and documented",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-05",
     "name": "Knowledge Source Version Governance",
     "requirement_id": "MAP 2.3 — Scientific integrity and TEVV considerations, including data provenance and relevance, are identified and documented",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-06",
     "name": "Operating Context Change Management",
     "requirement_id": "GOVERN 1.4 — The risk management process and its outcomes are established through transparent policies and procedures",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-07",
     "name": "Deployment Scope Attestation",
     "requirement_id": "GOVERN 1.7 — Processes and procedures are in place for decommissioning and phasing out AI systems safely",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PV-08",
     "name": "Principal Intent vs. Agent Behavior Alignment",
     "requirement_id": "MEASURE 2.4 — The functionality and behavior of the AI system and its components are monitored when in production",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PV-09",
     "name": "Principal Verification Layer Evidence Package",
     "requirement_id": "GOVERN 1.5",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PA-02",
     "name": "Approval Limit Enforcement",
     "requirement_id": "GOVERN 1.3 — Risk management activities are determined and prioritized based on organizational risk tolerance",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-03",
     "name": "Escalation Gate Design and Testing",
     "requirement_id": "MANAGE 4.1 — Post-deployment AI system monitoring plans are implemented, including mechanisms for incident response, recovery, and change management",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-06",
     "name": "Emergency Override and Break-Glass",
     "requirement_id": "MANAGE 4.3 — Incidents and errors are communicated to relevant AI actors; processes for tracking, responding to, and recovering from incidents are followed and ",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-08",
     "name": "Authority Scope Change Notification",
     "requirement_id": "GOVERN 1.4 — The risk management process and its outcomes are established through transparent policies and procedures",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-09",
     "name": "Authority Scope Layer Evidence Package",
     "requirement_id": "GOVERN 1.5",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PO-01",
     "name": "Internal Policy Register for AI Deployments",
     "requirement_id": "GOVERN 1.2 — Trustworthy AI characteristics are integrated into organizational policies, processes, and procedures",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-02",
     "name": "Policy Version Control and Distribution",
     "requirement_id": "GOVERN 1.2 — Trustworthy AI characteristics are integrated into organizational policies, processes, and procedures",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-03",
     "name": "Contractual Obligation Extraction",
     "requirement_id": "MAP 1.1 — Intended purposes, context-specific laws and norms, and prospective deployment settings are understood and documented",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-04",
     "name": "Contract Term Conflict Detection",
     "requirement_id": "MAP 1.1 — Intended purposes, context-specific laws and norms, and prospective deployment settings are understood and documented",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-06",
     "name": "Communication and Commitment Policy",
     "requirement_id": "GOVERN 2.1 — Roles, responsibilities, and lines of communication related to AI risk management are documented and clear",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-09",
     "name": "Policy Obligation Layer Evidence Package",
     "requirement_id": "GOVERN 1.5",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PR-02",
     "name": "AI-Initiated Commitment Controls",
     "requirement_id": "GOVERN 2.3 — Executive leadership takes responsibility for decisions about risks associated with AI system development and deployment",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-04",
     "name": "Contract Review Gate Compliance",
     "requirement_id": "GOVERN 2.3 — Executive leadership takes responsibility for decisions about risks associated with AI system development and deployment",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-06",
     "name": "AI in Contract Negotiation Controls",
     "requirement_id": "GOVERN 2.3 — Executive leadership takes responsibility for decisions about risks associated with AI system development and deployment",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-09",
     "name": "Procurement Governance Layer Evidence Package",
     "requirement_id": "GOVERN 1.5",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PG-01",
     "name": "Policy Adherence Monitoring",
     "requirement_id": "MEASURE 3.1 — Approaches, personnel, and documentation are in place to regularly identify and track existing, unanticipated, and emergent AI risks",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-02",
     "name": "Authority Limit Monitoring",
     "requirement_id": "MEASURE 3.1 — Approaches, personnel, and documentation are in place to regularly identify and track existing, unanticipated, and emergent AI risks",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-04",
     "name": "Policy Incident Classification and Response",
     "requirement_id": "MANAGE 4.1 — Post-deployment AI system monitoring plans are implemented, including mechanisms for incident response, recovery, and change management",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-05",
     "name": "Knowledge Source Staleness Detection",
     "requirement_id": "MEASURE 2.4 — The functionality and behavior of the AI system and its components are monitored when in production",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-06",
     "name": "Operating Intent Drift Detection",
     "requirement_id": "MEASURE 2.4 — The functionality and behavior of the AI system and its components are monitored when in production",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PG-08",
     "name": "Lessons Learned and Policy Improvement",
     "requirement_id": "MANAGE 4.1 — Post-deployment AI system monitoring plans are implemented, including mechanisms for incident response, recovery, and change management",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-09",
     "name": "Policy Governance Layer Evidence Package",
     "requirement_id": "GOVERN 1.5",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PE-04",
     "name": "Cross-Domain Policy Evidence Integration",
     "requirement_id": "GOVERN 4.2 — Organizational teams document the risks and potential impacts of AI systems and communicate about them more broadly",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-07",
     "name": "Policy Governance Program Assessment",
     "requirement_id": "MANAGE 4.1 — Post-deployment AI system monitoring plans are implemented, including mechanisms for incident response, recovery, and change management",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PE-08",
     "name": "Policy Attestation",
     "requirement_id": "GOVERN 1.4 — The risk management process and its outcomes are established through transparent policies and procedures",
     "fit": "partial"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "security": 50,
    "model": 54,
    "identity": 4,
    "agentic": 42,
    "ethics": 44,
    "authority": 34
   },
   "title": "nist_ai_rmf",
   "total": 228
  },
  {
   "source_id": "owasp_ai_exchange",
   "framework_refs": [
    {
     "domain": "security",
     "control": "IA-01",
     "name": "Give every agent its own distinct identity, never a shared or human login",
     "requirement_id": "modelaccesscontrol",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "requirement_id": "modelaccesscontrol",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "requirement_id": "leastmodelprivilege",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "IA-03",
     "name": "Act on the user's behalf with explicit approval for sensitive steps",
     "requirement_id": "oversight",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "IA-04",
     "name": "Check permission continuously at run time, not just once at login",
     "requirement_id": "modelaccesscontrol",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "IA-05",
     "name": "Find and inventory every agent, surface the shadow ones",
     "requirement_id": "secprogram",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "EC-03",
     "name": "Keep memory short-lived, and validate anything written to it",
     "requirement_id": "augdataintegrity",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "EC-04",
     "name": "Limit filesystem and tool access to the bare minimum",
     "requirement_id": "leastmodelprivilege",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-05",
     "name": "Cap spend and resource use, stop denial-of-wallet",
     "requirement_id": "limitresources",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-06",
     "name": "Contain runaway loops and over-reach (least-agency)",
     "requirement_id": "limitresources",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "EC-06",
     "name": "Contain runaway loops and over-reach (least-agency)",
     "requirement_id": "leastmodelprivilege",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "EC-07",
     "name": "Trust-rank retrieved content before it enters the agent's context",
     "requirement_id": "augdataintegrity",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "EC-07",
     "name": "Trust-rank retrieved content before it enters the agent's context",
     "requirement_id": "inputsegregation",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "EC-08",
     "name": "Keep secrets out of the prompt and context",
     "requirement_id": "dataminimize",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "EC-09",
     "name": "Treat the workspace and its config and hooks as untrusted",
     "requirement_id": "inputsegregation",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "EC-10",
     "name": "Verify trigger provenance and admit autonomous runs",
     "requirement_id": "modelaccesscontrol",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "requirement_id": "leastmodelprivilege",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "requirement_id": "supplychainmanage",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-03",
     "name": "Verify skill/tool manifest integrity and sign the supply chain",
     "requirement_id": "supplychainmanage",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-04",
     "name": "Validate tool input/output, treat tool results as untrusted",
     "requirement_id": "promptinjectioniohandling",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-04",
     "name": "Validate tool input/output, treat tool results as untrusted",
     "requirement_id": "inputsegregation",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-05",
     "name": "Encode and validate the agent's own output before it reaches other systems",
     "requirement_id": "encodemodeloutput",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-06",
     "name": "Sanitize model-generated tool parameters, not just the schema",
     "requirement_id": "encodemodeloutput",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-06",
     "name": "Sanitize model-generated tool parameters, not just the schema",
     "requirement_id": "promptinjectioniohandling",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-07",
     "name": "Verify tool descriptions for hidden instructions (description injection)",
     "requirement_id": "promptinjectioniohandling",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-07",
     "name": "Verify tool descriptions for hidden instructions (description injection)",
     "requirement_id": "supplychainmanage",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-08",
     "name": "Enforce an instruction hierarchy so tool output cannot give the agent orders",
     "requirement_id": "inputsegregation",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-08",
     "name": "Enforce an instruction hierarchy so tool output cannot give the agent orders",
     "requirement_id": "promptinjectioniohandling",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-01",
     "name": "Require a human hard-stop for irreversible actions",
     "requirement_id": "oversight",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-02",
     "name": "Keep an immutable, tamper-evident audit trail of what the agent did",
     "requirement_id": "monitoruse",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-04",
     "name": "Enforce policy as code at run time, in the request path",
     "requirement_id": "modelaccesscontrol",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-05",
     "name": "Run an AI management system and tier agents by their autonomy",
     "requirement_id": "aiprogram",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-05",
     "name": "Run an AI management system and tier agents by their autonomy",
     "requirement_id": "secprogram",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-06",
     "name": "Cap the rate and volume of irreversible actions",
     "requirement_id": "ratelimit",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-07",
     "name": "Protect humans from being deceived by an agent",
     "requirement_id": "aitransparency",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-07",
     "name": "Protect humans from being deceived by an agent",
     "requirement_id": "oversight",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-08",
     "name": "Make high-impact actions transactional, atomic, idempotent, state-checked",
     "requirement_id": "modelaccesscontrol",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-09",
     "name": "Anchor a named business owner to every agent (accountability)",
     "requirement_id": "aiprogram",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-10",
     "name": "Enable end-user responsibility and guard against automation bias",
     "requirement_id": "aitransparency",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-10",
     "name": "Enable end-user responsibility and guard against automation bias",
     "requirement_id": "oversight",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "GV-10",
     "name": "Enable end-user responsibility and guard against automation bias",
     "requirement_id": "seceducate",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "RT-01",
     "name": "Capture OS-level telemetry of what the agent actually does",
     "requirement_id": "monitoruse",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "RT-02",
     "name": "Detect direct and indirect prompt injection at every input and output",
     "requirement_id": "promptinjectioniohandling",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-03",
     "name": "Supervise the agent's reasoning and check it matches its actions",
     "requirement_id": "monitoruse",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "RT-03",
     "name": "Supervise the agent's reasoning and check it matches its actions",
     "requirement_id": "oversight",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "RT-04",
     "name": "Detect anomalies and trigger pause, kill switch, or containment",
     "requirement_id": "monitoruse",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "RT-05",
     "name": "Apply data-loss prevention to agent egress and interactions",
     "requirement_id": "sensitiveoutputhandling",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-06",
     "name": "Map AI-native threats, extend ATT&CK/ATLAS to agentic orchestration",
     "requirement_id": "secprogram",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "RT-07",
     "name": "Detect multi-agent collusion and covert channels",
     "requirement_id": "monitoruse",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "RT-08",
     "name": "Monitor latent and representation-level signals, not just visible reasoning",
     "requirement_id": "monitoruse",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "AS-01",
     "name": "Adversarially red-team and evaluate the agent before launch",
     "requirement_id": "continuousvalidation",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "AS-02",
     "name": "Statically analyze agent skills and manifests in CI",
     "requirement_id": "secdevprogram",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "AS-02",
     "name": "Statically analyze agent skills and manifests in CI",
     "requirement_id": "supplychainmanage",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "AS-03",
     "name": "Gate releases on continuous adversarial validation",
     "requirement_id": "continuousvalidation",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "AS-04",
     "name": "Run a bug-bounty / vulnerability reward program for agentic abuse",
     "requirement_id": "secprogram",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "AS-05",
     "name": "Study frontier offensive capability before public release",
     "requirement_id": "continuousvalidation",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "AS-06",
     "name": "Verify model-weights and training-data provenance before load",
     "requirement_id": "supplychainmanage",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "AS-06",
     "name": "Verify model-weights and training-data provenance before load",
     "requirement_id": "runtimemodelintegrity",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "AS-07",
     "name": "Verify a skill does what it declares (behavioral integrity)",
     "requirement_id": "supplychainmanage",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "AS-08",
     "name": "Harden and assure the security control plane as tier-zero infrastructure",
     "requirement_id": "secprogram",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "EC-11",
     "name": "AI Accelerator Firmware and Trusted Execution Integrity",
     "requirement_id": "confcompute",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-11",
     "name": "AI Accelerator Firmware and Trusted Execution Integrity",
     "requirement_id": "runtimemodelintegrity",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "LI-01",
     "name": "Unique Model Identity and Content-Addressed Version Hash",
     "requirement_id": "supplychainmanage",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "LI-02",
     "name": "Model Provenance Chain — Base Model, Fine-Tune, Merge, and Adapter Lineage",
     "requirement_id": "supplychainmanage",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "LI-03",
     "name": "Supply Chain Integrity — Third-Party Model Verification and Cryptographic...",
     "requirement_id": "supplychainmanage",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "LI-04",
     "name": "Structured Model Documentation — Complete Model Card with All Required Sections",
     "requirement_id": "aitransparency",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "LI-05",
     "name": "Training Data Lineage Pointer — Link from Model Registry to TG-Layer Dataset...",
     "requirement_id": "supplychainmanage",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "LI-07",
     "name": "Capability and Limitation Declaration — Intended Use, Constraints,...",
     "requirement_id": "aitransparency",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "LI-08",
     "name": "License and IP Governance — Dataset License Tracking, Derivative Work...",
     "requirement_id": "checkcompliance",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "LI-09",
     "name": "Material-Change Determination and Authorization Gate",
     "requirement_id": "continuousvalidation",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-01",
     "name": "Training Data Quality Gates",
     "requirement_id": "dataqualitycontrol",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-02",
     "name": "Bias and Representativeness Assessment",
     "requirement_id": "dataqualitycontrol",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "TG-02",
     "name": "Bias and Representativeness Assessment",
     "requirement_id": "unwantedbiastesting",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-03",
     "name": "Data Rights, Lawful Authority and Permitted Use",
     "requirement_id": "alloweddata",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-04",
     "name": "Data Poisoning Prevention",
     "requirement_id": "poisonrobustmodel",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "TG-04",
     "name": "Data Poisoning Prevention",
     "requirement_id": "dataqualitycontrol",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "TG-06",
     "name": "Sensitive-Data Necessity, Minimization and Controlled Use",
     "requirement_id": "dataminimize",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-06",
     "name": "Sensitive-Data Necessity, Minimization and Controlled Use",
     "requirement_id": "obfuscatetrainingdata",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "TG-07",
     "name": "Third-Party Dataset Governance",
     "requirement_id": "supplychainmanage",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-08",
     "name": "Dataset Retention, Deletion and Lifecycle",
     "requirement_id": "shortretain",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "EV-01",
     "name": "Pre-Deployment Evaluation Gate",
     "requirement_id": "continuousvalidation",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "EV-02",
     "name": "Fitness, Safety, Reliability and Policy-Conformance Evaluation",
     "requirement_id": "continuousvalidation",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "EV-04",
     "name": "Adversarial Red-Team Testing",
     "requirement_id": "continuousvalidation",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "EV-05",
     "name": "Fairness and Bias Evaluation",
     "requirement_id": "unwantedbiastesting",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "EV-07",
     "name": "Regression Testing on Updates",
     "requirement_id": "continuousvalidation",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "EV-09",
     "name": "Risk and Applicability Classification",
     "requirement_id": "checkcompliance",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-01",
     "name": "Model Ownership Assignment",
     "requirement_id": "aiprogram",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-02",
     "name": "Meaningful Human Oversight for High-Stakes Decisions",
     "requirement_id": "oversight",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "OA-03",
     "name": "AI Model Governance Committee",
     "requirement_id": "aiprogram",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "OA-04",
     "name": "Delegated Autonomy Tier Governance",
     "requirement_id": "leastmodelprivilege",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "OA-05",
     "name": "Regulatory and Legal Review Sign-Off",
     "requirement_id": "checkcompliance",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "OA-06",
     "name": "Third-Party Model and Vendor Risk Oversight",
     "requirement_id": "supplychainmanage",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "OA-08",
     "name": "Notice, Explanation Support, Human Review and Contestability",
     "requirement_id": "aitransparency",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "OA-08",
     "name": "Notice, Explanation Support, Human Review and Contestability",
     "requirement_id": "explainability",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "BH-01",
     "name": "Output Anomaly Detection",
     "requirement_id": "monitoruse",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "BH-02",
     "name": "Concept and Data Drift Detection",
     "requirement_id": "continuousvalidation",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "BH-03",
     "name": "Production Performance Degradation Alerting",
     "requirement_id": "continuousvalidation",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "BH-04",
     "name": "Behavioral Boundary Performance Testing",
     "requirement_id": "continuousvalidation",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "BH-05",
     "name": "Usage Telemetry and Decision Logging",
     "requirement_id": "monitoruse",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "BH-06",
     "name": "Injection-Resistance Evaluation in Production",
     "requirement_id": "promptinjectioniohandling",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "BH-07",
     "name": "Resource and Cost Anomaly Monitoring",
     "requirement_id": "limitresources",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "BH-07",
     "name": "Resource and Cost Anomaly Monitoring",
     "requirement_id": "ratelimit",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "BH-07",
     "name": "Resource and Cost Anomaly Monitoring",
     "requirement_id": "monitoruse",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "BH-09",
     "name": "Synthetic-Content Provenance, Disclosure and Traceability",
     "requirement_id": "aitransparency",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "BH-10",
     "name": "Feedback Loop Integrity and Online Learning Governance",
     "requirement_id": "poisonrobustmodel",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "CR-01",
     "name": "Continuous Production Monitoring and Risk Aggregation",
     "requirement_id": "monitoruse",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "CR-03",
     "name": "Scheduled Model Re-validation",
     "requirement_id": "continuousvalidation",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "CR-04",
     "name": "AI Incident Response Management",
     "requirement_id": "secprogram",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-05",
     "name": "Regulatory Notification and Statutory Reporting",
     "requirement_id": "checkcompliance",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-06",
     "name": "Post-Market Surveillance",
     "requirement_id": "monitoruse",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-11",
     "name": "Backdoor and Trojan Detection Scanning",
     "requirement_id": "poisonrobustmodel",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "EV-12",
     "name": "Model Inversion and Reconstruction Resistance",
     "requirement_id": "modelobfuscation",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "EV-12",
     "name": "Model Inversion and Reconstruction Resistance",
     "requirement_id": "obfuscatetrainingdata",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "EV-13",
     "name": "Training-Data Memorization and Regurgitation Testing",
     "requirement_id": "obfuscatetrainingdata",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "EV-13",
     "name": "Training-Data Memorization and Regurgitation Testing",
     "requirement_id": "sensitiveoutputhandling",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DC-01",
     "name": "Personal Data Inventory",
     "requirement_id": "alloweddata",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DC-02",
     "name": "Special Category Data Classification",
     "requirement_id": "alloweddata",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DC-03",
     "name": "Consent Registry",
     "requirement_id": "alloweddata",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DC-04",
     "name": "Consent Signal Validation",
     "requirement_id": "alloweddata",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DC-05",
     "name": "Consent Withdrawal Processing",
     "requirement_id": "alloweddata",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DC-06",
     "name": "Data Purpose Limitation Mapping",
     "requirement_id": "alloweddata",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DC-07",
     "name": "Children's Data Controls",
     "requirement_id": "alloweddata",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DG-02",
     "name": "Data Processor Agreements",
     "requirement_id": "supplychainmanage",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DG-03",
     "name": "International Transfer Mechanism Registry",
     "requirement_id": "alloweddata",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DG-07",
     "name": "Data Retention and Deletion Schedule",
     "requirement_id": "shortretain",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DS-05",
     "name": "Automated Decision Explanation Rights",
     "requirement_id": "explainability",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DP-02",
     "name": "Pseudonymization Implementation",
     "requirement_id": "obfuscatetrainingdata",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DP-03",
     "name": "Data Minimization Enforcement",
     "requirement_id": "dataminimize",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DP-04",
     "name": "Inference Scope Limitation",
     "requirement_id": "sensitiveoutputhandling",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DP-05",
     "name": "Output PII Scrubbing",
     "requirement_id": "sensitiveoutputhandling",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DP-06",
     "name": "Synthetic Data Governance",
     "requirement_id": "obfuscatetrainingdata",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DP-07",
     "name": "AI Telemetry Data Controls",
     "requirement_id": "shortretain",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PM-01",
     "name": "Privacy Incident Detection",
     "requirement_id": "monitoruse",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PM-02",
     "name": "Cross-Context Inference Monitoring",
     "requirement_id": "sensitiveoutputhandling",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PM-03",
     "name": "Purpose Creep Detection",
     "requirement_id": "alloweddata",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PM-04",
     "name": "Consent State Consistency Monitoring",
     "requirement_id": "alloweddata",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PM-05",
     "name": "Inference Log Monitoring",
     "requirement_id": "monitoruse",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PM-07",
     "name": "Third-Party Privacy Monitoring",
     "requirement_id": "supplychainmanage",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PC-01",
     "name": "Regulatory Obligation Mapping",
     "requirement_id": "checkcompliance",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PC-03",
     "name": "Jurisdiction-Specific Compliance Package",
     "requirement_id": "checkcompliance",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AB-01",
     "name": "Authorized Action Scope Manifest",
     "requirement_id": "leastmodelprivilege",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-02",
     "name": "Tool-Call Authorization Policy",
     "requirement_id": "leastmodelprivilege",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AB-04",
     "name": "Output Policy Enforcement",
     "requirement_id": "sensitiveoutputhandling",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-04",
     "name": "Output Policy Enforcement",
     "requirement_id": "encodemodeloutput",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AB-05",
     "name": "Prompt Injection Detection and Defense",
     "requirement_id": "promptinjectioniohandling",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-05",
     "name": "Prompt Injection Detection and Defense",
     "requirement_id": "inputsegregation",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AB-06",
     "name": "Rate Limiting and Resource Budget Enforcement",
     "requirement_id": "ratelimit",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AB-06",
     "name": "Rate Limiting and Resource Budget Enforcement",
     "requirement_id": "limitresources",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-07",
     "name": "Behavioral Drift Monitoring",
     "requirement_id": "monitoruse",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AT-02",
     "name": "Tool Permission Scoping",
     "requirement_id": "leastmodelprivilege",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-03",
     "name": "Tool Input Validation and Schema Enforcement",
     "requirement_id": "anomalousinputhandling",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AT-04",
     "name": "Tool Output Sanitization and Integrity Verification",
     "requirement_id": "promptinjectioniohandling",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AT-05",
     "name": "Dangerous and Irreversible Tool Access Controls",
     "requirement_id": "leastmodelprivilege",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AO-02",
     "name": "Sub-Agent Authorization and Capability Delegation",
     "requirement_id": "leastmodelprivilege",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AO-04",
     "name": "Human-in-the-Loop Gates for High-Consequence Orchestrations",
     "requirement_id": "oversight",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-01",
     "name": "Behavioral Telemetry Collection Baseline",
     "requirement_id": "monitoruse",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AM-02",
     "name": "Anomalous Action Detection",
     "requirement_id": "monitoruse",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-04",
     "name": "Resource Consumption Anomaly Monitoring",
     "requirement_id": "limitresources",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AM-07",
     "name": "Real-Time Alerting and Automated Agent Suspension",
     "requirement_id": "monitoruse",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AB-09",
     "name": "Comprehensive Input Validation and Multimodal Screening",
     "requirement_id": "anomalousinputhandling",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AB-09",
     "name": "Comprehensive Input Validation and Multimodal Screening",
     "requirement_id": "evasioninputhandling",
     "fit": "supporting"
    },
    {
     "domain": "ethics",
     "control": "EF-06",
     "name": "Ethics-by-Design Integration in Development Lifecycle",
     "requirement_id": "modelalignment",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "FA-02",
     "name": "Algorithmic Bias Impact Assessment",
     "requirement_id": "unwantedbiastesting",
     "fit": "supporting"
    },
    {
     "domain": "ethics",
     "control": "FA-04",
     "name": "Independent Bias Testing Methodology",
     "requirement_id": "unwantedbiastesting",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-06",
     "name": "Disparate Impact Analysis",
     "requirement_id": "unwantedbiastesting",
     "fit": "supporting"
    },
    {
     "domain": "ethics",
     "control": "XP-01",
     "name": "Explainability Method Selection and Justification",
     "requirement_id": "explainability",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-02",
     "name": "Decision-Level Explanation Requirements",
     "requirement_id": "explainability",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-03",
     "name": "Explanation Fidelity and Accuracy Verification",
     "requirement_id": "explainability",
     "fit": "supporting"
    },
    {
     "domain": "ethics",
     "control": "XP-05",
     "name": "Model Card and System Card Transparency Disclosure",
     "requirement_id": "aitransparency",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-06",
     "name": "Technical vs. Non-Technical Explanation Tiers",
     "requirement_id": "explainability",
     "fit": "supporting"
    },
    {
     "domain": "ethics",
     "control": "XP-07",
     "name": "Explanation Completeness and Coverage Auditing",
     "requirement_id": "explainability",
     "fit": "supporting"
    },
    {
     "domain": "ethics",
     "control": "HI-04",
     "name": "Human Oversight and Override Mechanisms",
     "requirement_id": "oversight",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-06",
     "name": "Consent and Agency Preservation for AI Interactions",
     "requirement_id": "aitransparency",
     "fit": "supporting"
    },
    {
     "domain": "ethics",
     "control": "FM-03",
     "name": "Statistical Parity and Equalized Odds Monitoring",
     "requirement_id": "unwantedbiastesting",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DX-02",
     "name": "Inter-System Data Transfer Authorization",
     "requirement_id": "segregatedata",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DX-04",
     "name": "Cross-Border Data Transfer Controls",
     "requirement_id": "alloweddata",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DX-05",
     "name": "Third-Party Data Sharing Agreements and Controls",
     "requirement_id": "segregatedata",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DI-01",
     "name": "Data Integrity Baseline and Checksum Monitoring",
     "requirement_id": "dataqualitycontrol",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DI-02",
     "name": "Tamper Detection for AI Inference Inputs",
     "requirement_id": "runtimemodeliointegrity",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DI-03",
     "name": "Cross-System Data Consistency Validation",
     "requirement_id": "dataqualitycontrol",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DI-04",
     "name": "AI Output Data Integrity Verification",
     "requirement_id": "runtimemodeliointegrity",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DI-06",
     "name": "Model Memorization Risk Assessment and Output Leakage Prevention",
     "requirement_id": "sensitiveoutputhandling",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-02",
     "name": "Data Classification and Sensitivity Tagging at Rest",
     "requirement_id": "segregatedata",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DM-03",
     "name": "Data Retention and Disposal Governance",
     "requirement_id": "shortretain",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-05",
     "name": "Data Quality Standards and Target Setting",
     "requirement_id": "dataqualitycontrol",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-07",
     "name": "Synthetic Data Governance",
     "requirement_id": "obfuscatetrainingdata",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DL-01",
     "name": "End-to-End Data Lineage Tracking",
     "requirement_id": "supplychainmanage",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DL-02",
     "name": "Training Data Lineage Documentation",
     "requirement_id": "supplychainmanage",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DL-02",
     "name": "Training Data Lineage Documentation",
     "requirement_id": "alloweddata",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DL-04",
     "name": "Transformation and Enrichment Lineage",
     "requirement_id": "supplychainmanage",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DA-01",
     "name": "AI Data Access Authorization Framework",
     "requirement_id": "discrete",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DA-02",
     "name": "Data Minimization Implementation for AI",
     "requirement_id": "dataminimize",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-03",
     "name": "Consent-Based Data Access Controls",
     "requirement_id": "alloweddata",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DA-06",
     "name": "Cross-Border Data Access Jurisdiction Controls",
     "requirement_id": "alloweddata",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DV-01",
     "name": "Schema Validation for AI Inputs",
     "requirement_id": "dataqualitycontrol",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DV-02",
     "name": "Data Quality Gate Enforcement",
     "requirement_id": "dataqualitycontrol",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-03",
     "name": "Statistical Distribution Validation",
     "requirement_id": "dataqualitycontrol",
     "fit": "supporting"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "security": 62,
    "model": 53,
    "privacy": 25,
    "agentic": 21,
    "ethics": 13,
    "data": 23
   },
   "title": "OWASP AI Exchange",
   "total": 197
  },
  {
   "source_id": "google_saif_2023",
   "framework_refs": [
    {
     "domain": "privacy",
     "control": "DC-01",
     "name": "Personal Data Inventory",
     "requirement_id": "Model and Data Inventory Management",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "DC-02",
     "name": "Special Category Data Classification",
     "requirement_id": "Google Cloud Sensitive Data Protection (Cloud DLP)",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DC-06",
     "name": "Data Purpose Limitation Mapping",
     "requirement_id": "Training Data Management",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "DG-01",
     "name": "Data Processing Register",
     "requirement_id": "Model and Data Inventory Management",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "DG-05",
     "name": "DPIA Lifecycle Management",
     "requirement_id": "Core element — Contextualize AI system risks in surrounding business processes",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "DG-06",
     "name": "Data Breach Response",
     "requirement_id": "Core element — Extend detection and response to bring AI into the organization's threat universe",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DS-03",
     "name": "Access Request Fulfillment",
     "requirement_id": "Training Data Management — provenance and lineage",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DS-04",
     "name": "Erasure and Anonymization",
     "requirement_id": "Google Cloud Sensitive Data Protection — de-identification API",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DS-05",
     "name": "Automated Decision Explanation Rights",
     "requirement_id": "Agent Observability",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DP-01",
     "name": "Encryption at Rest and in Transit",
     "requirement_id": "Core element — Expand strong security foundations to the AI ecosystem",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "DP-02",
     "name": "Pseudonymization Implementation",
     "requirement_id": "Google Cloud Sensitive Data Protection — pseudonymization and de-identification",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DP-03",
     "name": "Data Minimization Enforcement",
     "requirement_id": "User Data Management — mitigates Excessive Data Handling",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DP-04",
     "name": "Inference Scope Limitation",
     "requirement_id": "Inferred Sensitive Data risk — Training Data Management / Output Validation and Sanitization",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DP-05",
     "name": "Output PII Scrubbing",
     "requirement_id": "Google Cloud Sensitive Data Protection — output inspection and de-identification",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DP-06",
     "name": "Synthetic Data Governance",
     "requirement_id": "Privacy Enhancing Technologies",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "DP-07",
     "name": "AI Telemetry Data Controls",
     "requirement_id": "User Data Management — telemetry and log data",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PM-01",
     "name": "Privacy Incident Detection",
     "requirement_id": "Core element — Extend detection and response to bring AI into the organization's threat universe",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PM-02",
     "name": "Cross-Context Inference Monitoring",
     "requirement_id": "Inferred Sensitive Data risk — Output Validation and Sanitization",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PM-03",
     "name": "Purpose Creep Detection",
     "requirement_id": "Unauthorized Training Data risk — Training Data Management",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "PM-05",
     "name": "Inference Log Monitoring",
     "requirement_id": "Sensitive Data Disclosure risk — Output Validation and Sanitization",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PM-06",
     "name": "Privacy Breach Notification Management",
     "requirement_id": "Core element — Extend detection and response to bring AI into the organization's threat universe",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "PM-07",
     "name": "Third-Party Privacy Monitoring",
     "requirement_id": "Insecure Integrated Component risk",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "PC-01",
     "name": "Regulatory Obligation Mapping",
     "requirement_id": "Core element — Contextualize AI system risks in surrounding business processes",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "PC-04",
     "name": "Privacy Program Effectiveness Assessment",
     "requirement_id": "Core element — Adapt controls to adjust mitigations and create faster feedback loops for AI deployment",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "PC-05",
     "name": "Privacy-by-Design Certification",
     "requirement_id": "Secure-by-Default ML Tooling",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "PC-06",
     "name": "AI Privacy Impact Assessment",
     "requirement_id": "Core element — Contextualize AI system risks in surrounding business processes",
     "fit": "adjacent"
    },
    {
     "domain": "identity",
     "control": "II-02",
     "name": "Identity Assurance Level Assignment",
     "requirement_id": "Google SAIF — Expand strong security foundations (least-privilege IAM)",
     "fit": "adjacent"
    },
    {
     "domain": "identity",
     "control": "II-03",
     "name": "Cryptographic Identity Binding",
     "requirement_id": "Google Cloud Workload Identity Federation — Keyless Authentication",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "II-04",
     "name": "Hardware-Rooted Identity for High-Consequence Agents",
     "requirement_id": "Google Cloud IAM — HSM Service Account Keys",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "II-05",
     "name": "Non-Human Identity Separation from Human Identity",
     "requirement_id": "Google Cloud IAM — Dedicated Service Accounts",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "II-08",
     "name": "Identity Registry Integrity and Tamper Evidence",
     "requirement_id": "Google Cloud Audit Logs — Immutable Admin Activity",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "NI-02",
     "name": "Credential Issuance and Minimum Privilege",
     "requirement_id": "Google Cloud IAM Best Practices — Least Privilege Roles",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "NI-03",
     "name": "Credential Lifetime and Forced Rotation",
     "requirement_id": "Google Cloud Workload Identity Federation — Short Lived Tokens",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "NI-04",
     "name": "Just-In-Time Credential Issuance",
     "requirement_id": "Google Cloud WIF — STS Token Exchange",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-07",
     "name": "Credential Storage and Secrets Hygiene",
     "requirement_id": "Google Cloud Secret Manager — Credential Hygiene",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IF-04",
     "name": "DID-Based Cryptographic Agent Identity",
     "requirement_id": "Google Cloud WIF — External OIDC Verification",
     "fit": "adjacent"
    },
    {
     "domain": "identity",
     "control": "IF-08",
     "name": "Cross-Domain Identity Audit Reconciliation",
     "requirement_id": "Google Cloud Audit Logs — Organization Log Sink",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-01",
     "name": "Credential Use Baseline",
     "requirement_id": "Google SAIF — Extend detection and response to AI (behavioral baselines)",
     "fit": "adjacent"
    },
    {
     "domain": "identity",
     "control": "IM-02",
     "name": "Anomalous Credential Use Detection",
     "requirement_id": "Google Security Command Center — Threat Detection",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-04",
     "name": "Privilege Escalation Attempt Detection",
     "requirement_id": "Google Security Command Center — privilege escalation detection",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-06",
     "name": "Identity Event Log Integrity",
     "requirement_id": "Google Cloud Audit Logs — Immutable Logs",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AA-01",
     "name": "Agent Identity Presentation at Tool Invocation",
     "requirement_id": "Element 1 — Expand strong security foundations to the AI ecosystem",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AA-02",
     "name": "API Key and Bearer Token Lifecycle Management",
     "requirement_id": "Element 4 — Harmonize platform-level controls to ensure consistent security",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AA-03",
     "name": "mTLS and Certificate-Based Agent Authentication",
     "requirement_id": "Element 2 — Extend detection and response to bring AI into the organization's threat universe",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AA-04",
     "name": "Workload Identity for Agent Processes",
     "requirement_id": "Element 1 — Expand strong security foundations to the AI ecosystem",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AA-05",
     "name": "Session Token Binding and Anti-Replay Controls",
     "requirement_id": "Agent Permissions (SAIF control)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AA-06",
     "name": "Cross-System Authentication Chaining",
     "requirement_id": "Agent Permissions (SAIF control)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AA-07",
     "name": "Authentication Failure Monitoring and Alerting",
     "requirement_id": "Element 2 — Extend detection and response to bring AI into the organization's threat universe",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AA-08",
     "name": "Agent Authentication Evidence Package",
     "requirement_id": "Element 5 — Adapt controls to adjust mitigations and create faster feedback loops",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-01",
     "name": "Authorized Action Scope Manifest",
     "requirement_id": "Agent Permissions (SAIF control)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AB-02",
     "name": "Tool-Call Authorization Policy",
     "requirement_id": "Agent Permissions (SAIF control)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-03",
     "name": "Action Reversibility Classification and Gates",
     "requirement_id": "Agent User Control (SAIF control)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AB-04",
     "name": "Output Policy Enforcement",
     "requirement_id": "Element 5 — Adapt controls to adjust mitigations and create faster feedback loops",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AB-05",
     "name": "Prompt Injection Detection and Defense",
     "requirement_id": "Input Validation and Sanitization (SAIF control)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-06",
     "name": "Rate Limiting and Resource Budget Enforcement",
     "requirement_id": "Element 4 — Harmonize platform-level controls to ensure consistent security",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-07",
     "name": "Behavioral Drift Monitoring",
     "requirement_id": "Agent Observability (SAIF control)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-08",
     "name": "BehavioralAttestation Production",
     "requirement_id": "Element 6 — Contextualize AI system risks in surrounding business processes",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AT-01",
     "name": "Tool and Plugin Registry",
     "requirement_id": "Element 1 — Expand strong security foundations to the AI ecosystem",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-02",
     "name": "Tool Permission Scoping",
     "requirement_id": "Agent Permissions (SAIF control)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-03",
     "name": "Tool Input Validation and Schema Enforcement",
     "requirement_id": "Input Validation and Sanitization (SAIF control)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-04",
     "name": "Tool Output Sanitization and Integrity Verification",
     "requirement_id": "Element 3 — Automate defenses to keep pace with existing and new threats",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AT-05",
     "name": "Dangerous and Irreversible Tool Access Controls",
     "requirement_id": "Agent User Control (SAIF control)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AT-06",
     "name": "Third-Party Plugin Vetting and Sandboxing",
     "requirement_id": "Element 1 — Expand strong security foundations to the AI ecosystem",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-07",
     "name": "Tool Usage Audit Trail",
     "requirement_id": "Agent Observability (SAIF control)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-08",
     "name": "Tool Governance Evidence Package",
     "requirement_id": "Element 3 — Automate defenses to keep pace with existing and new threats",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AO-02",
     "name": "Sub-Agent Authorization and Capability Delegation",
     "requirement_id": "Agent Permissions (SAIF control)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-03",
     "name": "Orchestration Message Integrity",
     "requirement_id": "Element 2 — Extend detection and response to bring AI into the organization's threat universe",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-04",
     "name": "Human-in-the-Loop Gates for High-Consequence Orchestrations",
     "requirement_id": "Agent User Control (SAIF control)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-05",
     "name": "Orchestration Loop and Escalation Detection",
     "requirement_id": "Element 3 — Automate defenses to keep pace with existing and new threats",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-06",
     "name": "Cross-Organization Orchestration Trust Governance",
     "requirement_id": "Element 4 — Harmonize platform-level controls to ensure consistent security",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-07",
     "name": "Orchestration Audit Trail",
     "requirement_id": "Element 2 — Extend detection and response to bring AI into the organization's threat universe",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AM-01",
     "name": "Behavioral Telemetry Collection Baseline",
     "requirement_id": "Element 5 — Adapt controls to adjust mitigations and create faster feedback loops",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-02",
     "name": "Anomalous Action Detection",
     "requirement_id": "Element 2 — Extend detection and response to bring AI into the organization's threat universe",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-03",
     "name": "Goal Drift and Intent Deviation Detection",
     "requirement_id": "Agent Observability (SAIF control)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AM-04",
     "name": "Resource Consumption Anomaly Monitoring",
     "requirement_id": "Agent Observability (SAIF control)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AM-05",
     "name": "Multi-Agent Communication Monitoring",
     "requirement_id": "Input Validation and Sanitization (SAIF control)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AM-06",
     "name": "Monitoring Log Integrity",
     "requirement_id": "Element 2 — Extend detection and response to bring AI into the organization's threat universe",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AM-07",
     "name": "Real-Time Alerting and Automated Agent Suspension",
     "requirement_id": "Element 3 — Automate defenses to keep pace with existing and new threats",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-08",
     "name": "Monitoring Coverage Evidence Package",
     "requirement_id": "Element 5 — Adapt controls to adjust mitigations and create faster feedback loops",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AG-03",
     "name": "Agentic AI Risk Assessment Framework",
     "requirement_id": "Element 6 — Contextualize AI system risks in surrounding business processes",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AG-05",
     "name": "Agent Incident Response Program",
     "requirement_id": "Incident Response Management (SAIF control)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-07",
     "name": "Continuous Improvement and Lessons Learned",
     "requirement_id": "Element 5 — Adapt controls to adjust mitigations and create faster feedback loops",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "privacy",
     "control": "DC-01",
     "name": "Personal Data Inventory",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DC-02",
     "name": "Special Category Data Classification",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DC-06",
     "name": "Data Purpose Limitation Mapping",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-01",
     "name": "Data Processing Register",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-05",
     "name": "DPIA Lifecycle Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-06",
     "name": "Data Breach Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DS-03",
     "name": "Access Request Fulfillment",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DS-04",
     "name": "Erasure and Anonymization",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DS-05",
     "name": "Automated Decision Explanation Rights",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DP-01",
     "name": "Encryption at Rest and in Transit",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DP-02",
     "name": "Pseudonymization Implementation",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DP-03",
     "name": "Data Minimization Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DP-04",
     "name": "Inference Scope Limitation",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DP-05",
     "name": "Output PII Scrubbing",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DP-06",
     "name": "Synthetic Data Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DP-07",
     "name": "AI Telemetry Data Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PM-01",
     "name": "Privacy Incident Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PM-02",
     "name": "Cross-Context Inference Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PM-03",
     "name": "Purpose Creep Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PM-05",
     "name": "Inference Log Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PM-06",
     "name": "Privacy Breach Notification Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PM-07",
     "name": "Third-Party Privacy Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-01",
     "name": "Regulatory Obligation Mapping",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-04",
     "name": "Privacy Program Effectiveness Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-05",
     "name": "Privacy-by-Design Certification",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-06",
     "name": "AI Privacy Impact Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "II-02",
     "name": "Identity Assurance Level Assignment",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "II-03",
     "name": "Cryptographic Identity Binding",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "II-04",
     "name": "Hardware-Rooted Identity for High-Consequence Agents",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "II-05",
     "name": "Non-Human Identity Separation from Human Identity",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "II-08",
     "name": "Identity Registry Integrity and Tamper Evidence",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-02",
     "name": "Credential Issuance and Minimum Privilege",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-03",
     "name": "Credential Lifetime and Forced Rotation",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-04",
     "name": "Just-In-Time Credential Issuance",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-07",
     "name": "Credential Storage and Secrets Hygiene",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IF-04",
     "name": "DID-Based Cryptographic Agent Identity",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IF-08",
     "name": "Cross-Domain Identity Audit Reconciliation",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IM-01",
     "name": "Credential Use Baseline",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IM-02",
     "name": "Anomalous Credential Use Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IM-04",
     "name": "Privilege Escalation Attempt Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IM-06",
     "name": "Identity Event Log Integrity",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-01",
     "name": "Agent Identity Presentation at Tool Invocation",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-02",
     "name": "API Key and Bearer Token Lifecycle Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-03",
     "name": "mTLS and Certificate-Based Agent Authentication",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-04",
     "name": "Workload Identity for Agent Processes",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-05",
     "name": "Session Token Binding and Anti-Replay Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-06",
     "name": "Cross-System Authentication Chaining",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-07",
     "name": "Authentication Failure Monitoring and Alerting",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-08",
     "name": "Agent Authentication Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-01",
     "name": "Authorized Action Scope Manifest",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-02",
     "name": "Tool-Call Authorization Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-03",
     "name": "Action Reversibility Classification and Gates",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-04",
     "name": "Output Policy Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-05",
     "name": "Prompt Injection Detection and Defense",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-06",
     "name": "Rate Limiting and Resource Budget Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-07",
     "name": "Behavioral Drift Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-08",
     "name": "BehavioralAttestation Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-01",
     "name": "Tool and Plugin Registry",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-02",
     "name": "Tool Permission Scoping",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-03",
     "name": "Tool Input Validation and Schema Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-04",
     "name": "Tool Output Sanitization and Integrity Verification",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-05",
     "name": "Dangerous and Irreversible Tool Access Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-06",
     "name": "Third-Party Plugin Vetting and Sandboxing",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-07",
     "name": "Tool Usage Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-08",
     "name": "Tool Governance Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-01",
     "name": "Multi-Agent Trust Chain Documentation",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-02",
     "name": "Sub-Agent Authorization and Capability Delegation",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-03",
     "name": "Orchestration Message Integrity",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-04",
     "name": "Human-in-the-Loop Gates for High-Consequence Orchestrations",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-05",
     "name": "Orchestration Loop and Escalation Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-06",
     "name": "Cross-Organization Orchestration Trust Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-07",
     "name": "Orchestration Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-01",
     "name": "Behavioral Telemetry Collection Baseline",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-02",
     "name": "Anomalous Action Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-03",
     "name": "Goal Drift and Intent Deviation Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-04",
     "name": "Resource Consumption Anomaly Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-05",
     "name": "Multi-Agent Communication Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-06",
     "name": "Monitoring Log Integrity",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-07",
     "name": "Real-Time Alerting and Automated Agent Suspension",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-08",
     "name": "Monitoring Coverage Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-01",
     "name": "Agentic AI Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-02",
     "name": "Agent Deployment Policy and Pre-Deployment Review Gate",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-03",
     "name": "Agentic AI Risk Assessment Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-04",
     "name": "Senior Accountability for Autonomous AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-05",
     "name": "Agent Incident Response Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-06",
     "name": "Agent Program Metrics and KPIs",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-07",
     "name": "Continuous Improvement and Lessons Learned",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-08",
     "name": "BehavioralAttestation Production",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "privacy": 26,
    "identity": 15,
    "agentic": 41
   },
   "title": "Google Secure AI Framework (SAIF)",
   "total": 170
  },
  {
   "source_id": "gdpr",
   "framework_refs": [
    {
     "domain": "privacy",
     "control": "DC-01",
     "name": "Personal Data Inventory",
     "requirement_id": "Art 30",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DC-02",
     "name": "Special Category Data Classification",
     "requirement_id": "Art 9",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DC-03",
     "name": "Consent Registry",
     "requirement_id": "Art 7",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DC-04",
     "name": "Consent Signal Validation",
     "requirement_id": "Art 7(2)/Art 7(4)",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DC-05",
     "name": "Consent Withdrawal Processing",
     "requirement_id": "Art 7(3)",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DC-06",
     "name": "Data Purpose Limitation Mapping",
     "requirement_id": "Art 5(1)(b)/Art 6(4)",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DC-07",
     "name": "Children's Data Controls",
     "requirement_id": "Art 8",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DC-08",
     "name": "Consent Change Propagation",
     "requirement_id": "Art 5(2)",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DC-09",
     "name": "Data Collection Layer Evidence Package",
     "requirement_id": "Art. 5(2)",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DG-01",
     "name": "Data Processing Register",
     "requirement_id": "Art 30",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DG-02",
     "name": "Data Processor Agreements",
     "requirement_id": "Art 28",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DG-03",
     "name": "International Transfer Mechanism Registry",
     "requirement_id": "Art 46",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DG-04",
     "name": "Transfer Impact Assessment",
     "requirement_id": "Art 46",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DG-05",
     "name": "DPIA Lifecycle Management",
     "requirement_id": "Art 35",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DG-06",
     "name": "Data Breach Response",
     "requirement_id": "Art 33/Art 34",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DG-07",
     "name": "Data Retention and Deletion Schedule",
     "requirement_id": "Art 5(1)(e)",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DG-08",
     "name": "Governance Evidence Archive",
     "requirement_id": "Art 5(2)",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DS-01",
     "name": "Rights Request Reception",
     "requirement_id": "Art 12",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DS-02",
     "name": "Identity Verification for Rights Requests",
     "requirement_id": "Art 12(6)",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DS-03",
     "name": "Access Request Fulfillment",
     "requirement_id": "Art 15",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DS-04",
     "name": "Erasure and Anonymization",
     "requirement_id": "Art 17",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DS-05",
     "name": "Automated Decision Explanation Rights",
     "requirement_id": "Art 22(3)",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DS-06",
     "name": "Portability and Interoperability",
     "requirement_id": "Art 20",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DS-07",
     "name": "Objection and Restriction Processing",
     "requirement_id": "Art 21",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DS-08",
     "name": "Rights Request Evidence Log",
     "requirement_id": "Art 5(2)",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DP-01",
     "name": "Encryption at Rest and in Transit",
     "requirement_id": "Art 32(1)(a)",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DP-02",
     "name": "Pseudonymization Implementation",
     "requirement_id": "Art 25",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DP-03",
     "name": "Data Minimization Enforcement",
     "requirement_id": "Art 5(1)(c)",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DP-04",
     "name": "Inference Scope Limitation",
     "requirement_id": "Art 5(1)(b)",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DP-05",
     "name": "Output PII Scrubbing",
     "requirement_id": "Art 32",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DP-06",
     "name": "Synthetic Data Governance",
     "requirement_id": "Art 4(1)",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DP-07",
     "name": "AI Telemetry Data Controls",
     "requirement_id": "Art 5(1)(e)",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DP-08",
     "name": "Data Protection Evidence Log",
     "requirement_id": "Art 32",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PM-01",
     "name": "Privacy Incident Detection",
     "requirement_id": "Art 33",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PM-02",
     "name": "Cross-Context Inference Monitoring",
     "requirement_id": "Art 9",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PM-03",
     "name": "Purpose Creep Detection",
     "requirement_id": "Art 5(1)(b)",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PM-04",
     "name": "Consent State Consistency Monitoring",
     "requirement_id": "Art 7(1)",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PM-05",
     "name": "Inference Log Monitoring",
     "requirement_id": "Art 32",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PM-06",
     "name": "Privacy Breach Notification Management",
     "requirement_id": "Art 33/Art 34",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PM-07",
     "name": "Third-Party Privacy Monitoring",
     "requirement_id": "Art 28(3)(h)",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PM-08",
     "name": "Privacy Monitoring Evidence Archive",
     "requirement_id": "Art 5(2)",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PC-01",
     "name": "Regulatory Obligation Mapping",
     "requirement_id": "Art 3",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PC-02",
     "name": "Privacy Certification Program",
     "requirement_id": "Art 42",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PC-03",
     "name": "Jurisdiction-Specific Compliance Package",
     "requirement_id": "Art 30",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PC-04",
     "name": "Privacy Program Effectiveness Assessment",
     "requirement_id": "Art 24",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PC-05",
     "name": "Privacy-by-Design Certification",
     "requirement_id": "Art 25",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PC-06",
     "name": "AI Privacy Impact Assessment",
     "requirement_id": "Art 35",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PC-07",
     "name": "Privacy Governance Reporting",
     "requirement_id": "Art 38",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PC-08",
     "name": "PrivacyAttestation [BASELINE]",
     "requirement_id": "Art 5(2)",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-01",
     "name": "Regulatory Scope Determination",
     "requirement_id": "Art. 35",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-03",
     "name": "Cross-Domain Evidence Routing",
     "requirement_id": "Art. 5(2)",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-04",
     "name": "Design-Time Compliance Classification",
     "requirement_id": "Art. 25",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-05",
     "name": "Regulatory Change Management",
     "requirement_id": "Art. 5(2)",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "CA-07",
     "name": "Third-Party and Supply Chain Compliance Obligations",
     "requirement_id": "Art. 28",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-08",
     "name": "Compliance Architecture Evidence Package",
     "requirement_id": "Art. 5(2)",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-01",
     "name": "Obligation Register",
     "requirement_id": "Art. 5(2)",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-06",
     "name": "Contractual AI Obligation Management",
     "requirement_id": "Art. 28",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-07",
     "name": "Obligation Fulfillment Verification",
     "requirement_id": "Art. 5(2)",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-08",
     "name": "Obligations Evidence Package",
     "requirement_id": "Art. 5(2)",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "RF-01",
     "name": "EU AI Act High-Risk AI System Classification",
     "requirement_id": "Art. 35",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "CI-02",
     "name": "Continuous Compliance Monitoring",
     "requirement_id": "Art. 32",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CI-03",
     "name": "AI-Specific Compliance KPIs",
     "requirement_id": "Art. 5(2)",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "CI-05",
     "name": "Compliance Training and Awareness Program",
     "requirement_id": "Art. 39(1)(b)",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-08",
     "name": "Compliance Implementation Evidence Package",
     "requirement_id": "Art. 5(2)",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-01",
     "name": "Audit Readiness Program",
     "requirement_id": "Art. 5(2)",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-02",
     "name": "Evidence Collection, Curation, and Validation",
     "requirement_id": "Art. 5(2)",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-03",
     "name": "Auditor Access and Cooperation Protocols",
     "requirement_id": "Art. 31",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-04",
     "name": "Audit Trail Integrity",
     "requirement_id": "Art. 5(1)(f)",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-05",
     "name": "Regulatory Examination Response Program",
     "requirement_id": "Art. 31",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-06",
     "name": "Audit Finding Remediation Program",
     "requirement_id": "Art. 25(1)",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "AU-08",
     "name": "ComplianceAttestation Production",
     "requirement_id": "Art. 5(2)",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-01",
     "name": "Compliance Governance Structure",
     "requirement_id": "Article 24",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-02",
     "name": "Compliance Policy Framework for AI",
     "requirement_id": "Article 5(2) and Article 24",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-06",
     "name": "Compliance Incident Response",
     "requirement_id": "Article 33 and Article 34",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-08",
     "name": "Compliance Governance Evidence Package",
     "requirement_id": "Article 5(2)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DX-01",
     "name": "Data Sensitivity Classification Framework for AI",
     "requirement_id": "Art. 5(1)(f)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DX-02",
     "name": "Inter-System Data Transfer Authorization",
     "requirement_id": "Art. 5(1)(b)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DX-04",
     "name": "Cross-Border Data Transfer Controls",
     "requirement_id": "Art. 44-49",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DX-05",
     "name": "Third-Party Data Sharing Agreements and Controls",
     "requirement_id": "Art. 28",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DX-06",
     "name": "Data Exchange Audit Trail",
     "requirement_id": "Art. 5(2) + Art. 30",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DX-07",
     "name": "Data Exchange Security Controls",
     "requirement_id": "Art. 5(1)(f)",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DX-08",
     "name": "Data Exchange Evidence Package",
     "requirement_id": "Art. 5(2)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-04",
     "name": "AI Output Data Integrity Verification",
     "requirement_id": "Art. 5(1)(d)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-06",
     "name": "Model Memorization Risk Assessment and Output Leakage Prevention",
     "requirement_id": "Art. 5(1)(f)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-07",
     "name": "Data Integrity Incident Response",
     "requirement_id": "Art. 5(1)(f)",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DM-02",
     "name": "Data Classification and Sensitivity Tagging at Rest",
     "requirement_id": "Art. 5(1)(f)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-03",
     "name": "Data Retention and Disposal Governance",
     "requirement_id": "Art. 5(1)(e)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-05",
     "name": "Data Quality Standards and Target Setting",
     "requirement_id": "Art. 5(1)(d)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-07",
     "name": "Synthetic Data Governance",
     "requirement_id": "Art. 5(1)(a)",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DM-08",
     "name": "Data Management Evidence Package",
     "requirement_id": "Art. 5(2)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-03",
     "name": "Inference-Time Data Lineage (Per-Decision Provenance)",
     "requirement_id": "Art. 5(1)(a)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-06",
     "name": "Data Lineage for Regulatory and Legal Purposes",
     "requirement_id": "Art. 5(2)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-08",
     "name": "Data Lineage Evidence Package",
     "requirement_id": "Art. 5(2)",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DA-01",
     "name": "AI Data Access Authorization Framework",
     "requirement_id": "Art. 5(1)(f)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-02",
     "name": "Data Minimization Implementation for AI",
     "requirement_id": "Art. 5(1)(c)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-03",
     "name": "Consent-Based Data Access Controls",
     "requirement_id": "Art. 5(1)(b)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-05",
     "name": "AI Data Access Review and Recertification",
     "requirement_id": "Art. 5(1)(f) + Art. 32",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DA-06",
     "name": "Cross-Border Data Access Jurisdiction Controls",
     "requirement_id": "Chapter V (Art. 44-49)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-07",
     "name": "Emergency AI Data Access Procedures",
     "requirement_id": "Art. 5(1)(f)",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DA-08",
     "name": "Data Access Evidence Package",
     "requirement_id": "Art. 5(2)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-08",
     "name": "DataGovernanceAttestation Production",
     "requirement_id": "Art. 5(2) — Accountability",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "model",
     "control": "TG-03",
     "name": "Data Rights, Lawful Authority and Permitted Use",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "TG-06",
     "name": "Sensitive-Data Necessity, Minimization and Controlled Use",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "TG-08",
     "name": "Dataset Retention, Deletion and Lifecycle",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "OA-08",
     "name": "Notice, Explanation Support, Human Review and Contestability",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DC-01",
     "name": "Personal Data Inventory",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DC-02",
     "name": "Special Category Data Classification",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DC-03",
     "name": "Consent Registry",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DC-04",
     "name": "Consent Signal Validation",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DC-05",
     "name": "Consent Withdrawal Processing",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DC-06",
     "name": "Data Purpose Limitation Mapping",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DC-07",
     "name": "Children's Data Controls",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DC-08",
     "name": "Consent Change Propagation",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DC-09",
     "name": "Data Collection Layer Evidence Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DG-01",
     "name": "Data Processing Register",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DG-02",
     "name": "Data Processor Agreements",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DG-03",
     "name": "International Transfer Mechanism Registry",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DG-04",
     "name": "Transfer Impact Assessment",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DG-05",
     "name": "DPIA Lifecycle Management",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DG-06",
     "name": "Data Breach Response",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DG-07",
     "name": "Data Retention and Deletion Schedule",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DG-08",
     "name": "Governance Evidence Archive",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DS-01",
     "name": "Rights Request Reception",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DS-02",
     "name": "Identity Verification for Rights Requests",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DS-03",
     "name": "Access Request Fulfillment",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DS-04",
     "name": "Erasure and Anonymization",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DS-05",
     "name": "Automated Decision Explanation Rights",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DS-06",
     "name": "Portability and Interoperability",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DS-07",
     "name": "Objection and Restriction Processing",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DS-08",
     "name": "Rights Request Evidence Log",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DP-01",
     "name": "Encryption at Rest and in Transit",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DP-02",
     "name": "Pseudonymization Implementation",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DP-03",
     "name": "Data Minimization Enforcement",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DP-04",
     "name": "Inference Scope Limitation",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DP-05",
     "name": "Output PII Scrubbing",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DP-06",
     "name": "Synthetic Data Governance",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DP-07",
     "name": "AI Telemetry Data Controls",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DP-08",
     "name": "Data Protection Evidence Log",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PM-01",
     "name": "Privacy Incident Detection",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PM-02",
     "name": "Cross-Context Inference Monitoring",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PM-03",
     "name": "Purpose Creep Detection",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PM-04",
     "name": "Consent State Consistency Monitoring",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PM-05",
     "name": "Inference Log Monitoring",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PM-06",
     "name": "Privacy Breach Notification Management",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PM-07",
     "name": "Third-Party Privacy Monitoring",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PM-08",
     "name": "Privacy Monitoring Evidence Archive",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PC-01",
     "name": "Regulatory Obligation Mapping",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PC-02",
     "name": "Privacy Certification Program",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PC-03",
     "name": "Jurisdiction-Specific Compliance Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PC-04",
     "name": "Privacy Program Effectiveness Assessment",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PC-05",
     "name": "Privacy-by-Design Certification",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PC-06",
     "name": "AI Privacy Impact Assessment",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PC-07",
     "name": "Privacy Governance Reporting",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PC-08",
     "name": "PrivacyAttestation [BASELINE]",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DX-02",
     "name": "Inter-System Data Transfer Authorization",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DX-08",
     "name": "Data Exchange Evidence Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DI-07",
     "name": "Data Integrity Incident Response",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DM-03",
     "name": "Data Retention and Disposal Governance",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DM-08",
     "name": "Data Management Evidence Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DL-03",
     "name": "Inference-Time Data Lineage (Per-Decision Provenance)",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DL-06",
     "name": "Data Lineage for Regulatory and Legal Purposes",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DL-08",
     "name": "Data Lineage Evidence Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DA-02",
     "name": "Data Minimization Implementation for AI",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DA-05",
     "name": "AI Data Access Review and Recertification",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DA-06",
     "name": "Cross-Border Data Access Jurisdiction Controls",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DA-07",
     "name": "Emergency AI Data Access Procedures",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DA-08",
     "name": "Data Access Evidence Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DV-08",
     "name": "DataGovernanceAttestation Production",
     "relationship": "normative_requirement"
    }
   ],
   "by_domain": {
    "privacy": 49,
    "compliance": 26,
    "data": 26
   },
   "title": "GDPR",
   "total": 168
  },
  {
   "source_id": "openai_preparedness",
   "framework_refs": [
    {
     "domain": "identity",
     "control": "IC-02",
     "name": "Identity Policy and Standards",
     "requirement_id": "Preparedness Framework v2 — safeguards for High-capability deployment",
     "fit": "adjacent"
    },
    {
     "domain": "identity",
     "control": "IC-05",
     "name": "Identity Compliance Mapping",
     "requirement_id": "Preparedness Framework v2 — 'Building trust' public disclosures",
     "fit": "adjacent"
    },
    {
     "domain": "identity",
     "control": "IC-08",
     "name": "Identity Attestation Production",
     "requirement_id": "OpenAI Enterprise Compliance API — audit and auth log export",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AA-06",
     "name": "Cross-System Authentication Chaining",
     "requirement_id": "Research Categories (§2.3) — Long-range Autonomy and Autonomous Replication and Adaptation",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AA-08",
     "name": "Agent Authentication Evidence Package",
     "requirement_id": "Capabilities and Safeguards Reports (§3–§4)",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-01",
     "name": "Authorized Action Scope Manifest",
     "requirement_id": "Research Categories (§2.3) — Long-range Autonomy",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-03",
     "name": "Action Reversibility Classification and Gates",
     "requirement_id": "Safeguarding against severe harm (§4)",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-04",
     "name": "Output Policy Enforcement",
     "requirement_id": "Safeguarding against severe harm (§4)",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-05",
     "name": "Prompt Injection Detection and Defense",
     "requirement_id": "Safeguarding against severe harm (§4) — safeguard robustness",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-06",
     "name": "Rate Limiting and Resource Budget Enforcement",
     "requirement_id": "Research Categories (§2.3) — Autonomous Replication and Adaptation",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-07",
     "name": "Behavioral Drift Monitoring",
     "requirement_id": "Measuring capabilities (§3) — ongoing evaluation",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-08",
     "name": "BehavioralAttestation Production",
     "requirement_id": "Safeguards Reports (§4)",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AT-02",
     "name": "Tool Permission Scoping",
     "requirement_id": "Research Categories (§2.3) — Long-range Autonomy",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AT-05",
     "name": "Dangerous and Irreversible Tool Access Controls",
     "requirement_id": "Safeguarding against severe harm (§4)",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AT-08",
     "name": "Tool Governance Evidence Package",
     "requirement_id": "Safeguards Reports (§4)",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AO-01",
     "name": "Multi-Agent Trust Chain Documentation",
     "requirement_id": "Research Categories (§2.3) — Long-range Autonomy",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AO-02",
     "name": "Sub-Agent Authorization and Capability Delegation",
     "requirement_id": "Research Categories (§2.3) — Long-range Autonomy",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AO-04",
     "name": "Human-in-the-Loop Gates for High-Consequence Orchestrations",
     "requirement_id": "Safeguarding against severe harm (§4)",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AO-05",
     "name": "Orchestration Loop and Escalation Detection",
     "requirement_id": "Research Categories (§2.3) — Autonomous Replication and Adaptation",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AO-08",
     "name": "Orchestration Governance Evidence Package",
     "requirement_id": "Safeguards Reports (§4) and Internal governance (§5.1)",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AM-02",
     "name": "Anomalous Action Detection",
     "requirement_id": "Research Categories (§2.3) — Long-range Autonomy",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AM-03",
     "name": "Goal Drift and Intent Deviation Detection",
     "requirement_id": "Research Categories (§2.3) — Sandbagging and Long-range Autonomy",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AM-05",
     "name": "Multi-Agent Communication Monitoring",
     "requirement_id": "Research Categories (§2.3) — Long-range Autonomy",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AM-08",
     "name": "Monitoring Coverage Evidence Package",
     "requirement_id": "Safeguards Reports (§4)",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AG-01",
     "name": "Agentic AI Governance Structure",
     "requirement_id": "Internal governance (§5.1) — Safety Advisory Group",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AG-02",
     "name": "Agent Deployment Policy and Pre-Deployment Review Gate",
     "requirement_id": "Measuring capabilities (§3) and Internal governance (§5.1)",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AG-03",
     "name": "Agentic AI Risk Assessment Framework",
     "requirement_id": "Tracked and Research Categories (§2.2–§2.3) — capability risk taxonomy",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AG-04",
     "name": "Senior Accountability for Autonomous AI Systems",
     "requirement_id": "Internal governance (§5.1)",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AG-07",
     "name": "Continuous Improvement and Lessons Learned",
     "requirement_id": "Building trust (§5) — framework iteration and transparency",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AG-08",
     "name": "BehavioralAttestation Production",
     "requirement_id": "Capabilities and Safeguards Reports (§3–§4)",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RP-01",
     "name": "AI-Specific Business Continuity Plan",
     "requirement_id": "§4 Safeguarding — safeguard-driven deployment decisions",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RP-03",
     "name": "Model Rollback and Previous Version Recovery Planning",
     "requirement_id": "§4 Safeguarding — safeguard decisions affecting deployed models",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RP-05",
     "name": "Recovery Priority Classification for AI Systems",
     "requirement_id": "Capability thresholds — High and Critical capability levels",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RP-06",
     "name": "Third-Party AI Provider Outage Response Plan",
     "requirement_id": "§4 Safeguarding — safeguard-driven availability changes",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RO-02",
     "name": "Model Rollback Execution and Validation",
     "requirement_id": "§4 Safeguarding — safeguard-driven deployment changes",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RG-01",
     "name": "Resilience Governance Structure",
     "requirement_id": "§5.1 Internal governance — Safety Advisory Group",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RG-03",
     "name": "Senior Accountability for AI Operational Resilience",
     "requirement_id": "§5.1 Internal governance — leadership risk ownership",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RG-04",
     "name": "Resilience Risk Appetite and Threshold Setting",
     "requirement_id": "Capability thresholds — High and Critical levels",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RG-07",
     "name": "Resilience Program Metrics and Board Reporting",
     "requirement_id": "§5.1 Internal governance — Capabilities and Safeguards Reports",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RG-08",
     "name": "ResilienceAttestation Production",
     "requirement_id": "Capabilities and Safeguards Reports (§5.1 Internal governance)",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PV-01",
     "name": "Operating Intent Declaration",
     "requirement_id": "Preparedness Framework v2 — Tracked Categories and Deployment Thresholds",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PV-03",
     "name": "Intended Purpose Alignment Review",
     "requirement_id": "Preparedness Framework v2 — Building Trust (Ongoing Evaluation and Disclosure)",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PV-07",
     "name": "Deployment Scope Attestation",
     "requirement_id": "Preparedness Framework v2 — Safety Advisory Group Review and System Card Publication",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PV-08",
     "name": "Principal Intent vs. Agent Behavior Alignment",
     "requirement_id": "Preparedness Framework v2 — Research Categories (Long-Range Autonomy)",
     "fit": "supporting"
    },
    {
     "domain": "authority",
     "control": "PO-06",
     "name": "Communication and Commitment Policy",
     "requirement_id": "OpenAI Usage Policies — Permitted Use and Representation Governance",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PE-01",
     "name": "Policy Evidence Archive",
     "requirement_id": "Preparedness Framework v2 — Building Trust (Documented Evaluations)",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PE-02",
     "name": "Regulatory Disclosure Readiness",
     "requirement_id": "Preparedness Framework v2 — Building Trust (Disclosure and Government Engagement)",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PE-06",
     "name": "Board and Senior Management Policy Reporting",
     "requirement_id": "Preparedness Framework v2 — Safety Advisory Group Reporting Model",
     "fit": "supporting"
    },
    {
     "domain": "authority",
     "control": "PE-07",
     "name": "Policy Governance Program Assessment",
     "requirement_id": "Preparedness Framework v2 — Safety Advisory Group Review",
     "fit": "supporting"
    },
    {
     "domain": "authority",
     "control": "PE-08",
     "name": "Policy Attestation",
     "requirement_id": "Preparedness Framework v2 — System Cards and Safeguards Reports",
     "fit": "adjacent"
    }
   ],
   "source_refs": [
    {
     "domain": "identity",
     "control": "IC-02",
     "name": "Identity Policy and Standards",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IC-05",
     "name": "Identity Compliance Mapping",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IC-08",
     "name": "Identity Attestation Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-01",
     "name": "Agent Identity Presentation at Tool Invocation",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-02",
     "name": "API Key and Bearer Token Lifecycle Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-03",
     "name": "mTLS and Certificate-Based Agent Authentication",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-04",
     "name": "Workload Identity for Agent Processes",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-05",
     "name": "Session Token Binding and Anti-Replay Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-06",
     "name": "Cross-System Authentication Chaining",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-07",
     "name": "Authentication Failure Monitoring and Alerting",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-08",
     "name": "Agent Authentication Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-01",
     "name": "Authorized Action Scope Manifest",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-02",
     "name": "Tool-Call Authorization Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-03",
     "name": "Action Reversibility Classification and Gates",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-04",
     "name": "Output Policy Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-05",
     "name": "Prompt Injection Detection and Defense",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-06",
     "name": "Rate Limiting and Resource Budget Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-07",
     "name": "Behavioral Drift Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-08",
     "name": "BehavioralAttestation Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-02",
     "name": "Tool Permission Scoping",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-05",
     "name": "Dangerous and Irreversible Tool Access Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-06",
     "name": "Third-Party Plugin Vetting and Sandboxing",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-07",
     "name": "Tool Usage Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-08",
     "name": "Tool Governance Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-01",
     "name": "Multi-Agent Trust Chain Documentation",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-02",
     "name": "Sub-Agent Authorization and Capability Delegation",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-03",
     "name": "Orchestration Message Integrity",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-04",
     "name": "Human-in-the-Loop Gates for High-Consequence Orchestrations",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-05",
     "name": "Orchestration Loop and Escalation Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-07",
     "name": "Orchestration Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-08",
     "name": "Orchestration Governance Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-01",
     "name": "Behavioral Telemetry Collection Baseline",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-02",
     "name": "Anomalous Action Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-03",
     "name": "Goal Drift and Intent Deviation Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-05",
     "name": "Multi-Agent Communication Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-07",
     "name": "Real-Time Alerting and Automated Agent Suspension",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-08",
     "name": "Monitoring Coverage Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-01",
     "name": "Agentic AI Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-02",
     "name": "Agent Deployment Policy and Pre-Deployment Review Gate",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-03",
     "name": "Agentic AI Risk Assessment Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-04",
     "name": "Senior Accountability for Autonomous AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-05",
     "name": "Agent Incident Response Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-06",
     "name": "Agent Program Metrics and KPIs",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-07",
     "name": "Continuous Improvement and Lessons Learned",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-08",
     "name": "BehavioralAttestation Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-01",
     "name": "AI System RTO/RPO Definition and Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-02",
     "name": "Resilience Control Verification Testing",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-03",
     "name": "Chaos Engineering for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-04",
     "name": "Recovery Capability Verification After Actual Incident",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-05",
     "name": "Third-Party AI Dependency Resilience Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-06",
     "name": "Multi-Region and Multi-AZ Resilience Verification",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-07",
     "name": "Degraded-Mode AI Operation Testing",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-08",
     "name": "Resilience Verification Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-01",
     "name": "AI-Specific Business Continuity Plan",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-02",
     "name": "AI System Disaster Recovery Plan",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-03",
     "name": "Model Rollback and Previous Version Recovery Planning",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-05",
     "name": "Recovery Priority Classification for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-06",
     "name": "Third-Party AI Provider Outage Response Plan",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-07",
     "name": "Recovery Plan Testing and Tabletop Exercises",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-08",
     "name": "Recovery Planning Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-01",
     "name": "AI System Failover Execution Procedures",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-02",
     "name": "Model Rollback Execution and Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-04",
     "name": "Recovery Operations Communication Protocol",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-05",
     "name": "Pre-Restoration Validation Before Traffic Resumption",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-06",
     "name": "Recovery Operations Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-08",
     "name": "Recovery Operations Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "FO-04",
     "name": "Input Validation and Malformed Request Handling",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-01",
     "name": "High Availability Architecture for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-02",
     "name": "Stateless Agent Design and Session Recovery",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-03",
     "name": "Data Redundancy and Backup Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-04",
     "name": "Infrastructure-as-Code for Reproducible Recovery",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-05",
     "name": "Dependency Isolation and Bulkhead Patterns",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-06",
     "name": "DORA Compliance Architecture for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-07",
     "name": "Resilience Engineering Review in Development Lifecycle",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-08",
     "name": "Resilience Engineering Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-01",
     "name": "Resilience Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-02",
     "name": "Resilience Policy Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-03",
     "name": "Senior Accountability for AI Operational Resilience",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-04",
     "name": "Resilience Risk Appetite and Threshold Setting",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-06",
     "name": "Resilience Incident Response Integration",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-07",
     "name": "Resilience Program Metrics and Board Reporting",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-08",
     "name": "ResilienceAttestation Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-01",
     "name": "Operating Intent Declaration",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-03",
     "name": "Intended Purpose Alignment Review",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-07",
     "name": "Deployment Scope Attestation",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-08",
     "name": "Principal Intent vs. Agent Behavior Alignment",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-06",
     "name": "Communication and Commitment Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-06",
     "name": "AI in Contract Negotiation Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-01",
     "name": "Policy Evidence Archive",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-02",
     "name": "Regulatory Disclosure Readiness",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-06",
     "name": "Board and Senior Management Policy Reporting",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-07",
     "name": "Policy Governance Program Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-08",
     "name": "Policy Attestation",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "identity": 3,
    "agentic": 27,
    "resilience": 10,
    "authority": 10
   },
   "title": "OpenAI Preparedness Framework v2",
   "total": 143
  },
  {
   "source_id": "anthropic_zt_agents",
   "framework_refs": [
    {
     "domain": "security",
     "control": "IA-01",
     "name": "Give every agent its own distinct identity, never a shared or human login",
     "requirement_id": "Part III — Agent identity verification; Part IV Phase 3 — Assign a unique identity",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "requirement_id": "Part III — Service authentication (short-lived tokens from an identity provider); Part IV Phase 5 — Short-lived, identity-provider-issued credentials as baselin",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "IA-03",
     "name": "Act on the user's behalf with explicit approval for sensitive steps",
     "requirement_id": "Part IV Phase 3 — Escalation triggers; Part IV Phase 5 — Approval escalation",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "IA-04",
     "name": "Check permission continuously at run time, not just once at login",
     "requirement_id": "Part III — Access control and privilege management (continuous authorization); Part IV Phase 6 — Attribute-based Access Control (ABAC)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "IA-05",
     "name": "Find and inventory every agent, surface the shadow ones",
     "requirement_id": "Part III — AI governance policies (Address Shadow AI); Part III — Agent identity and authentication (track agent lifecycle from creation through retirement)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "IA-06",
     "name": "Bind a signed, end-to-end provenance chain to every agent action",
     "requirement_id": "Part III — Traceability (Full provenance chains from input to output)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-01",
     "name": "Run the agent in a sandbox, from process isolation up to micro-VMs",
     "requirement_id": "Part III — Resource boundaries (Sandboxed execution / Hardware isolation); Part IV Phase 5 — Sandbox execution",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-02",
     "name": "Filter the agent's outbound network traffic",
     "requirement_id": "Part III — Resource boundaries (block unnecessary east-west traffic; restricted network access)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "EC-03",
     "name": "Keep memory short-lived, and validate anything written to it",
     "requirement_id": "Part IV Phase 7 — Safeguard agent memory (Memory isolation; Context integrity validation; Context retention policies)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-04",
     "name": "Limit filesystem and tool access to the bare minimum",
     "requirement_id": "Part IV Phase 3 — Scope limits / Least Agency; Part IV Phase 5 — Capability restrictions",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-05",
     "name": "Cap spend and resource use, stop denial-of-wallet",
     "requirement_id": "Part II — Resource exhaustion attacks; Part IV Phase 5 — Secure tool access (rate limiting and spending controls, circuit breakers)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "EC-06",
     "name": "Contain runaway loops and over-reach (least-agency)",
     "requirement_id": "Part I — Least agency; Part II — Resource exhaustion attacks (loop amplification)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-07",
     "name": "Trust-rank retrieved content before it enters the agent's context",
     "requirement_id": "Part IV Phase 4 — Input isolation; Part II — RAG poisoning",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-08",
     "name": "Keep secrets out of the prompt and context",
     "requirement_id": "Part IV Phase 6 — Credential isolation; Part IV Phase 6 — Protect agent credentials",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "EC-09",
     "name": "Treat the workspace and its config and hooks as untrusted",
     "requirement_id": "Part III — Configuration integrity",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-01",
     "name": "Authenticate and sign agent-to-agent communication",
     "requirement_id": "Part IV Phase 6 — Explicit trust boundaries; Part III — Agent identity and authentication (mutual TLS)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "requirement_id": "Part IV Phase 5 — Secure tool access (Tool allow-listing); Part II — Tool poisoning",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-03",
     "name": "Verify skill/tool manifest integrity and sign the supply chain",
     "requirement_id": "Part IV Phase 2 — Manage supply chain risks (Cryptographic signing; Vendor assessments); Part II — Tool and framework supply chain risks",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-04",
     "name": "Validate tool input/output, treat tool results as untrusted",
     "requirement_id": "Part IV Phase 5 — Parameter validation; Part III — Input sanitization",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-05",
     "name": "Encode and validate the agent's own output before it reaches other systems",
     "requirement_id": "Part III — Output filtering",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-06",
     "name": "Sanitize model-generated tool parameters, not just the schema",
     "requirement_id": "Part IV Phase 5 — Parameter validation (sanitize model-generated tool parameters)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-07",
     "name": "Verify tool descriptions for hidden instructions (description injection)",
     "requirement_id": "Part II — Tool poisoning (MCP tool descriptors, schemas, metadata)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-08",
     "name": "Enforce an instruction hierarchy so tool output cannot give the agent orders",
     "requirement_id": "Part IV Phase 4 — Input isolation (spotlighting; treat untrusted content as less trustworthy)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "GV-01",
     "name": "Require a human hard-stop for irreversible actions",
     "requirement_id": "Part IV Phase 5 — Approval escalation; Part IV Phase 3 — Escalation triggers",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-02",
     "name": "Keep an immutable, tamper-evident audit trail of what the agent did",
     "requirement_id": "Part III — Action logging (Immutable audit trails with integrity verification)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-03",
     "name": "Define multi-agent authority and conflict resolution explicitly",
     "requirement_id": "Part IV Phase 6 — Explicit trust boundaries; Part II — Unscoped privilege inheritance",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-04",
     "name": "Enforce policy as code at run time, in the request path",
     "requirement_id": "Part III — AI governance policies (Continuous policy enforcement with automated compliance checking)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "GV-05",
     "name": "Run an AI management system and tier agents by their autonomy",
     "requirement_id": "Part III — AI governance policies (formal governance framework); Part III — Applying Zero Trust to agentic AI services (tiered framework)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "GV-06",
     "name": "Cap the rate and volume of irreversible actions",
     "requirement_id": "Part IV Phase 5 — Secure tool access (rate limiting, spending controls); Part II — Resource exhaustion attacks",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "GV-09",
     "name": "Anchor a named business owner to every agent (accountability)",
     "requirement_id": "Part III — AI governance policies (Document who approves agent deployments)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "GV-11",
     "name": "Plan recovery and compensation for actions the agent already committed",
     "requirement_id": "Part III — Recovery capabilities",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "RT-01",
     "name": "Capture OS-level telemetry of what the agent actually does",
     "requirement_id": "Part III — Action logging; Part III — Observability and auditing",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-02",
     "name": "Detect direct and indirect prompt injection at every input and output",
     "requirement_id": "Part IV Phase 4 — Defend against prompt injection (Input isolation; Constitutional classifiers); Part II — Prompt injection and instruction manipulation",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-03",
     "name": "Supervise the agent's reasoning and check it matches its actions",
     "requirement_id": "Part III — Behavioral monitoring and response; Part III — Traceability (reasoning steps)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "RT-04",
     "name": "Detect anomalies and trigger pause, kill switch, or containment",
     "requirement_id": "Part III — Anomaly detection; Part III — Automated response (session termination, credential revocation)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-05",
     "name": "Apply data-loss prevention to agent egress and interactions",
     "requirement_id": "Part III — Output filtering (scan/block PII, credentials, sensitive business data)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-06",
     "name": "Map AI-native threats, extend ATT&CK/ATLAS to agentic orchestration",
     "requirement_id": "Part V — Map detection coverage against MITRE ATT&CK",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-07",
     "name": "Detect multi-agent collusion and covert channels",
     "requirement_id": "Part IV Phase 6 — Explicit trust boundaries (log all inter-agent communications; flag unusual delegation patterns)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "AS-02",
     "name": "Statically analyze agent skills and manifests in CI",
     "requirement_id": "Part IV Phase 2 — Evaluate dependency health automatically (OpenSSF Scorecard in CI)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "AS-06",
     "name": "Verify model-weights and training-data provenance before load",
     "requirement_id": "Part IV Phase 2 — AI Bill of Material (model provenance, training dataset lineage); Part II — Model supply chain risks",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "AS-07",
     "name": "Verify a skill does what it declares (behavioral integrity)",
     "requirement_id": "Part IV Phase 2 — Vendor assessments; Part II — Tool poisoning (rug pull)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "AS-08",
     "name": "Harden and assure the security control plane as tier-zero infrastructure",
     "requirement_id": "Part V — Trust through verification for defensive agents",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "II-01",
     "name": "AI Agent Identity Registry",
     "requirement_id": "Part III — Agent identity verification (persistent agent IDs; track lifecycle from creation through retirement)",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "II-02",
     "name": "Identity Assurance Level Assignment",
     "requirement_id": "Part III — Agent identity and authentication (Foundation/Enterprise/Advanced identity tiers)",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "II-03",
     "name": "Cryptographic Identity Binding",
     "requirement_id": "Part III — Agent identity and authentication (Unique cryptographic identifiers backed by cryptographic material, not just labels)",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "II-04",
     "name": "Hardware-Rooted Identity for High-Consequence Agents",
     "requirement_id": "Part III — Agent identity and authentication (Advanced: hardware-backed identity with attestation); Part IV Phase 6 — Hardware-bound credentials for production ",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "II-05",
     "name": "Non-Human Identity Separation from Human Identity",
     "requirement_id": "Part II — Identity and privilege abuse (agents operate with elevated privileges/service accounts; traditional identity systems struggle to accommodate them)",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "II-06",
     "name": "Accountable Owner Binding",
     "requirement_id": "Part III — AI governance policies (Document who approves agent deployments)",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "II-07",
     "name": "Identity Metadata, Capability Manifest and Artifact Binding",
     "requirement_id": "Part IV Phase 3 — Approved/prohibited actions; Part IV Phase 3 — Assign a unique identity",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "NI-02",
     "name": "Credential Issuance and Minimum Privilege",
     "requirement_id": "Part III — Service authentication; Part III — Access control and privilege management (Least Agency, minimum permissions per role)",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-03",
     "name": "Credential Lifetime and Forced Rotation",
     "requirement_id": "Part IV Phase 6 — Short-lived, identity-provider-issued credentials as baseline; Part III — Service authentication (tokens expiring in minutes)",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-04",
     "name": "Just-In-Time Credential Issuance",
     "requirement_id": "Part IV Phase 6 — Just-in-time (JIT) access; Part III — Privilege scoping (JIT/JEA with automatic expiration)",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-05",
     "name": "Identity Deprovisioning and Revocation",
     "requirement_id": "Part III — Agent identity and authentication (certificate lifecycle management including rotation and revocation; CRL/OCSP); Part III — Automated response (revo",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-06",
     "name": "Ghost Identity Detection and Remediation",
     "requirement_id": "Part III — AI governance policies (Address Shadow AI); Part II — Identity and privilege abuse",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "NI-07",
     "name": "Credential Storage and Secrets Hygiene",
     "requirement_id": "Part IV Phase 6 — Credential isolation (credentials never in code or configuration files; inject at runtime from secrets management)",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-08",
     "name": "Break-Glass Identity and Emergency Access",
     "requirement_id": "Part V — Establish emergency change procedures in advance; Part III — Privilege scoping (dynamic elevation)",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "DE-01",
     "name": "Delegation Chain Documentation",
     "requirement_id": "Part II — Unscoped privilege inheritance; Part IV Phase 6 — Explicit trust boundaries",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "DE-02",
     "name": "Scope Boundary Enforcement",
     "requirement_id": "Part IV Phase 3 — Scope limits / Least Agency",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "DE-03",
     "name": "Delegation Depth Limits",
     "requirement_id": "Part II — Unscoped privilege inheritance (manager to worker delegation); Part IV Phase 3 — Scope limits / Least Agency (compartmentalize into multiple agents)",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "DE-04",
     "name": "Task-Scoped Delegation",
     "requirement_id": "Part III — Privilege scoping (Dynamic privilege adjustment based on task requirements); Part IV Phase 3 — Scope limits / Least Agency",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "DE-05",
     "name": "User Consent for Delegated AI Action",
     "requirement_id": "Part IV Phase 3 — Escalation triggers; Part II — Unscoped privilege inheritance (executes without verifying the original user's intent)",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "DE-07",
     "name": "Delegation Audit Trail",
     "requirement_id": "Part IV Phase 6 — Explicit trust boundaries (log all inter-agent communications); Part III — Action logging",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IF-02",
     "name": "OIDC/OAuth Federation Configuration",
     "requirement_id": "Part III — Service authentication (OAuth 2.0); Part IV Phase 6 — Just-in-time (JIT) access",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IF-03",
     "name": "Cross-Organizational Agent Authentication",
     "requirement_id": "Part IV Phase 6 — Explicit trust boundaries; Part III — Agent identity and authentication (mutual TLS between production services)",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IF-06",
     "name": "Token Validation and Binding",
     "requirement_id": "Part III — Service authentication (token-based authentication)",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-02",
     "name": "Anomalous Credential Use Detection",
     "requirement_id": "Part III — Anomaly detection",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IM-03",
     "name": "Impossible Travel and Context Anomaly Detection",
     "requirement_id": "Part III — Anomaly detection; Part IV Phase 6 — Attribute-based Access Control (ABAC: source location, time of day)",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-04",
     "name": "Privilege Escalation Attempt Detection",
     "requirement_id": "Part II — Memory-based privilege retention (escalating privileges across session boundaries); Part III — Anomaly detection",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-05",
     "name": "Credential Sharing Detection",
     "requirement_id": "Part IV Phase 6 — Credential isolation (each agent instance has unique credentials)",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-06",
     "name": "Identity Event Log Integrity",
     "requirement_id": "Part III — Action logging (Immutable audit trails with integrity verification)",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IM-08",
     "name": "Identity Incident Response",
     "requirement_id": "Part III — Automated response; Part V — Establish emergency change procedures in advance",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IC-01",
     "name": "Identity Governance Structure",
     "requirement_id": "Part III — AI governance policies (formal governance framework)",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IC-02",
     "name": "Identity Policy and Standards",
     "requirement_id": "Part III — AI governance policies (Documented acceptable use and incident response policies)",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IC-03",
     "name": "Identity Access Review",
     "requirement_id": "Part III — Privilege scoping (Review and certify permissions periodically; Remove unused permissions)",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IC-04",
     "name": "Privileged Identity Management for AI",
     "requirement_id": "Part III — Privilege scoping (JIT/JEA, dynamic elevation); Part IV Phase 6 — Just-in-time (JIT) access",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IC-05",
     "name": "Identity Compliance Mapping",
     "requirement_id": "Part I — Regulated industries and compliance requirements; Part III — AI governance policies",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IC-06",
     "name": "Third-Party Identity Provider Audit",
     "requirement_id": "Part IV Phase 2 — Vendor assessments",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IC-07",
     "name": "Identity Program Metrics and KPIs",
     "requirement_id": "Part IV Phase 8 — Measure what matters (Dwell time and coverage; Detection speed)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AA-01",
     "name": "Agent Identity Presentation at Tool Invocation",
     "requirement_id": "Part III — Agent identity verification; Part IV Phase 3 — Assign a unique identity",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AA-02",
     "name": "API Key and Bearer Token Lifecycle Management",
     "requirement_id": "Part III — Service authentication (short-lived tokens, OAuth 2.0)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AA-03",
     "name": "mTLS and Certificate-Based Agent Authentication",
     "requirement_id": "Part III — Agent identity and authentication (Enterprise: mutual TLS with certificate pinning; X.509 per agent)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AA-04",
     "name": "Workload Identity for Agent Processes",
     "requirement_id": "Part III — Resource boundaries (identity-based isolation: every workload carries its own cryptographic identity); Part III — Agent identity and authentication",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AA-05",
     "name": "Session Token Binding and Anti-Replay Controls",
     "requirement_id": "Part III — Service authentication (short-lived tokens); Part IV Phase 6 — Protect agent credentials (session-scoped tokens expire)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AA-06",
     "name": "Cross-System Authentication Chaining",
     "requirement_id": "Part IV Phase 6 — Explicit trust boundaries; Part II — Unscoped privilege inheritance (confused deputy)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AA-07",
     "name": "Authentication Failure Monitoring and Alerting",
     "requirement_id": "Part III — Anomaly detection (alert when thresholds exceeded)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AB-01",
     "name": "Authorized Action Scope Manifest",
     "requirement_id": "Part IV Phase 3 — Approved/prohibited actions; Part IV Phase 3 — Scope limits / Least Agency",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-02",
     "name": "Tool-Call Authorization Policy",
     "requirement_id": "Part IV Phase 5 — Tool allow-listing; Part IV Phase 5 — Capability restrictions",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-03",
     "name": "Action Reversibility Classification and Gates",
     "requirement_id": "Part IV Phase 3 — Escalation triggers; Part IV Phase 5 — Approval escalation",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-04",
     "name": "Output Policy Enforcement",
     "requirement_id": "Part III — Output filtering",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-05",
     "name": "Prompt Injection Detection and Defense",
     "requirement_id": "Part IV Phase 4 — Defend against prompt injection (Input isolation; Constitutional classifiers)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-06",
     "name": "Rate Limiting and Resource Budget Enforcement",
     "requirement_id": "Part II — Resource exhaustion attacks; Part IV Phase 5 — Secure tool access (rate limiting, circuit breakers, spending controls)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AB-07",
     "name": "Behavioral Drift Monitoring",
     "requirement_id": "Part III — Baseline establishment; Part IV Phase 8 — Behavior (behavioral conformance, drift)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-01",
     "name": "Tool and Plugin Registry",
     "requirement_id": "Part IV Phase 5 — Tool allow-listing (explicit lists of permitted tools per agent function)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-02",
     "name": "Tool Permission Scoping",
     "requirement_id": "Part IV Phase 5 — Capability restrictions; Part IV Phase 3 — Scope limits / Least Agency",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-03",
     "name": "Tool Input Validation and Schema Enforcement",
     "requirement_id": "Part IV Phase 5 — Parameter validation; Part III — Input sanitization (validate against expected schemas)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-04",
     "name": "Tool Output Sanitization and Integrity Verification",
     "requirement_id": "Part II — Tool poisoning; Part III — Input sanitization (treat tool results as untrusted)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AT-05",
     "name": "Dangerous and Irreversible Tool Access Controls",
     "requirement_id": "Part IV Phase 5 — Approval escalation; Part IV Phase 5 — Capability restrictions (send capability requiring separate authorization)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-06",
     "name": "Third-Party Plugin Vetting and Sandboxing",
     "requirement_id": "Part IV Phase 2 — Vendor assessments; Part IV Phase 5 — Sandbox execution",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-07",
     "name": "Tool Usage Audit Trail",
     "requirement_id": "Part III — Action logging (Log all tool invocations)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AO-01",
     "name": "Multi-Agent Trust Chain Documentation",
     "requirement_id": "Part IV Phase 6 — Explicit trust boundaries; Part II — Unscoped privilege inheritance",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AO-02",
     "name": "Sub-Agent Authorization and Capability Delegation",
     "requirement_id": "Part II — Unscoped privilege inheritance; Part IV Phase 6 — Explicit trust boundaries",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AO-03",
     "name": "Orchestration Message Integrity",
     "requirement_id": "Part IV Phase 6 — Explicit trust boundaries (authorization checks at each step; log inter-agent comms)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-04",
     "name": "Human-in-the-Loop Gates for High-Consequence Orchestrations",
     "requirement_id": "Part IV Phase 3 — Escalation triggers; Part IV Phase 5 — Approval escalation",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AO-05",
     "name": "Orchestration Loop and Escalation Detection",
     "requirement_id": "Part II — Resource exhaustion attacks (loop amplification)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-06",
     "name": "Cross-Organization Orchestration Trust Governance",
     "requirement_id": "Part IV Phase 6 — Explicit trust boundaries; Part III — AI governance policies",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-07",
     "name": "Orchestration Audit Trail",
     "requirement_id": "Part III — Traceability (Distributed tracing across multi-agent workflows)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-01",
     "name": "Behavioral Telemetry Collection Baseline",
     "requirement_id": "Part III — Baseline establishment",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-02",
     "name": "Anomalous Action Detection",
     "requirement_id": "Part III — Anomaly detection",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-03",
     "name": "Goal Drift and Intent Deviation Detection",
     "requirement_id": "Part IV Phase 8 — Behavior (goal/behavioral drift); Part III — Baseline establishment (drift detection)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-04",
     "name": "Resource Consumption Anomaly Monitoring",
     "requirement_id": "Part III — Anomaly detection (API call rates, data access volumes)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-05",
     "name": "Multi-Agent Communication Monitoring",
     "requirement_id": "Part IV Phase 6 — Explicit trust boundaries (log all inter-agent communications; flag unusual delegation patterns)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-06",
     "name": "Monitoring Log Integrity",
     "requirement_id": "Part III — Action logging (Immutable audit trails with integrity verification)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-07",
     "name": "Real-Time Alerting and Automated Agent Suspension",
     "requirement_id": "Part III — Automated response (session termination, credential revocation); Part III — Anomaly detection",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-01",
     "name": "Agentic AI Governance Structure",
     "requirement_id": "Part III — AI governance policies (formal governance framework with stakeholder oversight)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-02",
     "name": "Agent Deployment Policy and Pre-Deployment Review Gate",
     "requirement_id": "Part III — AI governance policies (approval processes for new agent deployments); Part IV Phase 1 — Identify requirements",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-03",
     "name": "Agentic AI Risk Assessment Framework",
     "requirement_id": "Part III — AI governance policies (risk assessment procedures specific to agentic systems); Part IV Phase 3 — Identify the blast radius",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-04",
     "name": "Senior Accountability for Autonomous AI Systems",
     "requirement_id": "Part III — AI governance policies (Document who approves agent deployments)",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AG-05",
     "name": "Agent Incident Response Program",
     "requirement_id": "Part III — AI governance policies (incident response procedures that address agent compromise); Part V — Establish emergency change procedures in advance",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-06",
     "name": "Agent Program Metrics and KPIs",
     "requirement_id": "Part IV Phase 8 — Measure what matters (Dwell time and coverage; Detection speed)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-07",
     "name": "Continuous Improvement and Lessons Learned",
     "requirement_id": "Part III — AI governance policies (Update policies based on incident learnings)",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "security",
     "control": "IA-01",
     "name": "Give every agent its own distinct identity, never a shared or human login",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "IA-04",
     "name": "Check permission continuously at run time, not just once at login",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "EC-01",
     "name": "Run the agent in a sandbox, from process isolation up to micro-VMs",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "EC-03",
     "name": "Keep memory short-lived, and validate anything written to it",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "PT-04",
     "name": "Validate tool input/output, treat tool results as untrusted",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "RT-02",
     "name": "Detect direct and indirect prompt injection at every input and output",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "AS-06",
     "name": "Verify model-weights and training-data provenance before load",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "II-01",
     "name": "AI Agent Identity Registry",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "II-04",
     "name": "Hardware-Rooted Identity for High-Consequence Agents",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-03",
     "name": "Credential Lifetime and Forced Rotation",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-04",
     "name": "Just-In-Time Credential Issuance",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-07",
     "name": "Credential Storage and Secrets Hygiene",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-01",
     "name": "Agent Identity Presentation at Tool Invocation",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-05",
     "name": "Prompt Injection Detection and Defense",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-02",
     "name": "Anomalous Action Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AG-01",
     "name": "Agentic AI Governance Structure",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "security": 42,
    "identity": 36,
    "agentic": 42
   },
   "title": "Zero Trust for AI Agents",
   "total": 138
  },
  {
   "source_id": "openai_enterprise_policies_2024",
   "framework_refs": [
    {
     "domain": "compliance",
     "control": "CA-01",
     "name": "Regulatory Scope Determination",
     "requirement_id": "Usage Policies",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-02",
     "name": "Compliance Framework Selection and Mapping",
     "requirement_id": "Trust Portal",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "CA-04",
     "name": "Design-Time Compliance Classification",
     "requirement_id": "Usage Policies",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-05",
     "name": "Regulatory Change Management",
     "requirement_id": "Enterprise DPA",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-07",
     "name": "Third-Party and Supply Chain Compliance Obligations",
     "requirement_id": "Enterprise DPA",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-08",
     "name": "Compliance Architecture Evidence Package",
     "requirement_id": "Enterprise DPA",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-01",
     "name": "Obligation Register",
     "requirement_id": "Enterprise DPA",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "OB-04",
     "name": "EU AI Act Conformity Assessment Obligation Management",
     "requirement_id": "Data Processing Addendum",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "OB-06",
     "name": "Contractual AI Obligation Management",
     "requirement_id": "Enterprise DPA",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-01",
     "name": "EU AI Act High-Risk AI System Classification",
     "requirement_id": "Usage Policies",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "RF-03",
     "name": "EU AI Act Technical Documentation Package (Art. 11)",
     "requirement_id": "Enterprise DPA",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "RF-05",
     "name": "FedRAMP Authorization Support for AI Systems",
     "requirement_id": "Data residency commitments",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "RF-06",
     "name": "SOC 2 AI-Specific Evidence Production",
     "requirement_id": "Enterprise DPA",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CI-05",
     "name": "Compliance Training and Awareness Program",
     "requirement_id": "Usage Policies",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CI-08",
     "name": "Compliance Implementation Evidence Package",
     "requirement_id": "Enterprise DPA",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-02",
     "name": "Evidence Collection, Curation, and Validation",
     "requirement_id": "Enterprise DPA",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-05",
     "name": "Regulatory Examination Response Program",
     "requirement_id": "Trust Portal",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "AU-07",
     "name": "Multi-Framework Evidence Reuse",
     "requirement_id": "Enterprise DPA",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "AU-08",
     "name": "ComplianceAttestation Production",
     "requirement_id": "Trust Portal",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "CG-01",
     "name": "Compliance Governance Structure",
     "requirement_id": "Enterprise DPA",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "CG-02",
     "name": "Compliance Policy Framework for AI",
     "requirement_id": "Enterprise DPA",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-03",
     "name": "Senior and Board-Level Accountability for AI Compliance",
     "requirement_id": "Enterprise DPA",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-04",
     "name": "Compliance Risk Appetite Definition",
     "requirement_id": "Usage Policies",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-05",
     "name": "Compliance Program Resourcing",
     "requirement_id": "Enterprise DPA",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-06",
     "name": "Compliance Incident Response",
     "requirement_id": "Enterprise DPA",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-07",
     "name": "Compliance Program Metrics and KPIs",
     "requirement_id": "Data residency commitments",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-08",
     "name": "Compliance Governance Evidence Package",
     "requirement_id": "Enterprise DPA",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-05",
     "name": "Ongoing Model Risk Monitoring",
     "requirement_id": "Enterprise Compliance API — audit logs",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-06",
     "name": "Third-Party and Vendor AI Model Risk Management",
     "requirement_id": "Enterprise privacy — compliance commitments",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-07",
     "name": "Emerging Model Risk Identification",
     "requirement_id": "Enterprise Compliance API — audit logs",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MR-08",
     "name": "Model Risk Evidence Package",
     "requirement_id": "Enterprise privacy — compliance commitments",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-01",
     "name": "Independent Validation Function Charter",
     "requirement_id": "Enterprise Compliance API — audit logs",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-03",
     "name": "Outcome Analysis and Backtesting",
     "requirement_id": "Enterprise Compliance API — audit logs",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-05",
     "name": "Validation Frequency and Trigger-Based Review",
     "requirement_id": "API model versioning & deprecation policy",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-06",
     "name": "Validation Scope for AI/ML and LLM Models",
     "requirement_id": "Zero data retention (API)",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-07",
     "name": "Validation Finding Escalation and Remediation",
     "requirement_id": "Enterprise privacy — compliance commitments",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MV-08",
     "name": "Model Validation Evidence Package",
     "requirement_id": "Enterprise Compliance API — audit logs",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-01",
     "name": "AI-Driven Decision Transparency and Auditability",
     "requirement_id": "Enterprise Compliance API — audit logs",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-04",
     "name": "Model Output Disclosure to Financial Regulators",
     "requirement_id": "Enterprise Compliance API — audit logs",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-07",
     "name": "Model Transparency Dashboard for Senior Management",
     "requirement_id": "Enterprise Compliance API — audit logs",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-08",
     "name": "Financial Disclosure Evidence Package",
     "requirement_id": "Enterprise Compliance API — audit logs",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-01",
     "name": "SOX 302/404 Controls over AI-Generated Financial Data",
     "requirement_id": "Enterprise Compliance API — audit logs",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-03",
     "name": "Reconciliation Controls for AI-Influenced Financial Outputs",
     "requirement_id": "API model versioning & deprecation policy",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-04",
     "name": "Change Management Controls for Financial AI Systems",
     "requirement_id": "API model versioning & deprecation policy",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-05",
     "name": "Access Controls for Financial AI Systems",
     "requirement_id": "Data Processing Addendum",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-06",
     "name": "AI Operational Error and Financial Exception Management",
     "requirement_id": "Enterprise Compliance API — audit logs",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-07",
     "name": "Financial Data Integrity Monitoring",
     "requirement_id": "Zero data retention (API)",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-08",
     "name": "Financial Controls Evidence Package",
     "requirement_id": "Enterprise Compliance API — audit logs",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-02",
     "name": "Prohibited AI Use Cases in Financial Services",
     "requirement_id": "Enterprise privacy — compliance commitments",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FP-04",
     "name": "AI Procurement and Vendor Management Policy for Finance",
     "requirement_id": "Data Processing Addendum",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-06",
     "name": "Financial AI Change Control Policy",
     "requirement_id": "API model versioning & deprecation policy",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-07",
     "name": "AI Exception and Escalation Policy",
     "requirement_id": "Enterprise Compliance API — audit logs",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-08",
     "name": "Financial Policy Evidence Package",
     "requirement_id": "Enterprise Compliance API — audit logs",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-01",
     "name": "Finance AI Governance Structure",
     "requirement_id": "Enterprise privacy — compliance commitments",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-02",
     "name": "Senior and Named Accountability for Financial AI Decisions",
     "requirement_id": "Data Processing Addendum",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-04",
     "name": "Regulatory Relationship Management",
     "requirement_id": "Enterprise privacy — compliance commitments",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-05",
     "name": "Finance AI Incident Response Integration",
     "requirement_id": "Enterprise Compliance API — audit logs",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-08",
     "name": "FinanceAttestation Production",
     "requirement_id": "Enterprise Compliance API — audit logs",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "compliance",
     "control": "CA-01",
     "name": "Regulatory Scope Determination",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-02",
     "name": "Compliance Framework Selection and Mapping",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-04",
     "name": "Design-Time Compliance Classification",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-05",
     "name": "Regulatory Change Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-07",
     "name": "Third-Party and Supply Chain Compliance Obligations",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-08",
     "name": "Compliance Architecture Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-01",
     "name": "Obligation Register",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-04",
     "name": "EU AI Act Conformity Assessment Obligation Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-06",
     "name": "Contractual AI Obligation Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-01",
     "name": "EU AI Act High-Risk AI System Classification",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-03",
     "name": "EU AI Act Technical Documentation Package (Art. 11)",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-05",
     "name": "FedRAMP Authorization Support for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-06",
     "name": "SOC 2 AI-Specific Evidence Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-07",
     "name": "ISO 42001 Certification Pathway",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CI-02",
     "name": "Continuous Compliance Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CI-05",
     "name": "Compliance Training and Awareness Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CI-08",
     "name": "Compliance Implementation Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-02",
     "name": "Evidence Collection, Curation, and Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-05",
     "name": "Regulatory Examination Response Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-07",
     "name": "Multi-Framework Evidence Reuse",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-08",
     "name": "ComplianceAttestation Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-01",
     "name": "Compliance Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-02",
     "name": "Compliance Policy Framework for AI",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-03",
     "name": "Senior and Board-Level Accountability for AI Compliance",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-04",
     "name": "Compliance Risk Appetite Definition",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-05",
     "name": "Compliance Program Resourcing",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-06",
     "name": "Compliance Incident Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-07",
     "name": "Compliance Program Metrics and KPIs",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-08",
     "name": "Compliance Governance Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-05",
     "name": "Ongoing Model Risk Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-06",
     "name": "Third-Party and Vendor AI Model Risk Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-07",
     "name": "Emerging Model Risk Identification",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-08",
     "name": "Model Risk Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-01",
     "name": "Independent Validation Function Charter",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-03",
     "name": "Outcome Analysis and Backtesting",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-05",
     "name": "Validation Frequency and Trigger-Based Review",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-06",
     "name": "Validation Scope for AI/ML and LLM Models",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-07",
     "name": "Validation Finding Escalation and Remediation",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-08",
     "name": "Model Validation Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-01",
     "name": "AI-Driven Decision Transparency and Auditability",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-02",
     "name": "ECOA/Reg B Adverse Action Notice for AI Decisions",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-04",
     "name": "Model Output Disclosure to Financial Regulators",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-06",
     "name": "AI System Disclosure in Financial Filings",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-07",
     "name": "Model Transparency Dashboard for Senior Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-08",
     "name": "Financial Disclosure Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-01",
     "name": "SOX 302/404 Controls over AI-Generated Financial Data",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-02",
     "name": "AI-Generated Output Materiality Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-03",
     "name": "Reconciliation Controls for AI-Influenced Financial Outputs",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-04",
     "name": "Change Management Controls for Financial AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-05",
     "name": "Access Controls for Financial AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-06",
     "name": "AI Operational Error and Financial Exception Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-07",
     "name": "Financial Data Integrity Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-08",
     "name": "Financial Controls Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-02",
     "name": "Prohibited AI Use Cases in Financial Services",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-04",
     "name": "AI Procurement and Vendor Management Policy for Finance",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-05",
     "name": "Data Governance Policy for Financial AI",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-06",
     "name": "Financial AI Change Control Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-07",
     "name": "AI Exception and Escalation Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-08",
     "name": "Financial Policy Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-01",
     "name": "Finance AI Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-02",
     "name": "Senior and Named Accountability for Financial AI Decisions",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-04",
     "name": "Regulatory Relationship Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-05",
     "name": "Finance AI Incident Response Integration",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-08",
     "name": "FinanceAttestation Production",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "compliance": 27,
    "finance": 31
   },
   "title": "OpenAI Enterprise Privacy",
   "total": 122
  },
  {
   "source_id": "iso_37301",
   "framework_refs": [
    {
     "domain": "compliance",
     "control": "CA-01",
     "name": "Regulatory Scope Determination",
     "requirement_id": "§4.5",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-02",
     "name": "Compliance Framework Selection and Mapping",
     "requirement_id": "§6.2",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-03",
     "name": "Cross-Domain Evidence Routing",
     "requirement_id": "§8.1",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-04",
     "name": "Design-Time Compliance Classification",
     "requirement_id": "§9.1",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-05",
     "name": "Regulatory Change Management",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-06",
     "name": "Compliance Obligation Gap Analysis",
     "requirement_id": "§9.2",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-07",
     "name": "Third-Party and Supply Chain Compliance Obligations",
     "requirement_id": "§8.1",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-08",
     "name": "Compliance Architecture Evidence Package",
     "requirement_id": "§10.1",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-01",
     "name": "Obligation Register",
     "requirement_id": "§4.5",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-02",
     "name": "Obligation Owner Assignment",
     "requirement_id": "§5.3",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-03",
     "name": "Obligation Due Date and Milestone Tracking",
     "requirement_id": "§8.1",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-04",
     "name": "EU AI Act Conformity Assessment Obligation Management",
     "requirement_id": "§4.5",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-05",
     "name": "DORA ICT Obligation Tracking",
     "requirement_id": "§4.5",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-06",
     "name": "Contractual AI Obligation Management",
     "requirement_id": "§4.5",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-07",
     "name": "Obligation Fulfillment Verification",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-08",
     "name": "Obligations Evidence Package",
     "requirement_id": "§9.2",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-01",
     "name": "EU AI Act High-Risk AI System Classification",
     "requirement_id": "§4.6",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-02",
     "name": "EU AI Act Conformity Assessment Pathway Selection",
     "requirement_id": "§8.1",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-03",
     "name": "EU AI Act Technical Documentation Package (Art. 11)",
     "requirement_id": "§7.5",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-04",
     "name": "EU AI Act Post-Market Monitoring Plan (Art. 72)",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-06",
     "name": "SOC 2 AI-Specific Evidence Production",
     "requirement_id": "§9.1.3",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-07",
     "name": "ISO 42001 Certification Pathway",
     "requirement_id": "§4–10",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-08",
     "name": "Regulatory Framework Evidence Package",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-01",
     "name": "Compliance Control Testing Program",
     "requirement_id": "§9.1.2",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-02",
     "name": "Continuous Compliance Monitoring",
     "requirement_id": "§9.1.1",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-03",
     "name": "AI-Specific Compliance KPIs",
     "requirement_id": "§9.1.3",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-04",
     "name": "Compliance Tooling Implementation",
     "requirement_id": "§7.5",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-05",
     "name": "Compliance Training and Awareness Program",
     "requirement_id": "§7.3",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-06",
     "name": "Internal Audit of AI Compliance Controls",
     "requirement_id": "§9.2",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-07",
     "name": "Remediation Tracking and Closure",
     "requirement_id": "§10.2",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-08",
     "name": "Compliance Implementation Evidence Package",
     "requirement_id": "§9.3",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-01",
     "name": "Audit Readiness Program",
     "requirement_id": "§9.2",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-02",
     "name": "Evidence Collection, Curation, and Validation",
     "requirement_id": "§7.5.3",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-03",
     "name": "Auditor Access and Cooperation Protocols",
     "requirement_id": "§9.3.2",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-05",
     "name": "Regulatory Examination Response Program",
     "requirement_id": "§10.2",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-06",
     "name": "Audit Finding Remediation Program",
     "requirement_id": "§10.2",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-07",
     "name": "Multi-Framework Evidence Reuse",
     "requirement_id": "§4.5",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-08",
     "name": "ComplianceAttestation Production",
     "requirement_id": "§9.1.5",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-01",
     "name": "Compliance Governance Structure",
     "requirement_id": "§5.1",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-02",
     "name": "Compliance Policy Framework for AI",
     "requirement_id": "§8.1",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-03",
     "name": "Senior and Board-Level Accountability for AI Compliance",
     "requirement_id": "§5.1",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-04",
     "name": "Compliance Risk Appetite Definition",
     "requirement_id": "§6.1",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-05",
     "name": "Compliance Program Resourcing",
     "requirement_id": "§7.1",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-06",
     "name": "Compliance Incident Response",
     "requirement_id": "§10.2",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-07",
     "name": "Compliance Program Metrics and KPIs",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-08",
     "name": "Compliance Governance Evidence Package",
     "requirement_id": "§9.2 and §9.3",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PV-03",
     "name": "Intended Purpose Alignment Review",
     "requirement_id": "§ 9.1 — Monitoring, measurement, analysis and evaluation",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PV-04",
     "name": "Authorized Knowledge Source Registry",
     "requirement_id": "§ 8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-01",
     "name": "Delegation of Authority Integration",
     "requirement_id": "§ 7.2 — Competence",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PA-02",
     "name": "Approval Limit Enforcement",
     "requirement_id": "§ 8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-03",
     "name": "Escalation Gate Design and Testing",
     "requirement_id": "§ 8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-05",
     "name": "Multi-Party Approval Workflow",
     "requirement_id": "§ 8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-06",
     "name": "Emergency Override and Break-Glass",
     "requirement_id": "§ 4.6 — Compliance risk assessment",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PA-07",
     "name": "Approval Record and Audit Trail",
     "requirement_id": "§ 9.1 — Monitoring, measurement, analysis and evaluation",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-08",
     "name": "Authority Scope Change Notification",
     "requirement_id": "§ 6.3 — Planning of changes",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-01",
     "name": "Internal Policy Register for AI Deployments",
     "requirement_id": "§7.5 — Documented information",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-02",
     "name": "Policy Version Control and Distribution",
     "requirement_id": "§7.5 — Documented information",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-03",
     "name": "Contractual Obligation Extraction",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-04",
     "name": "Contract Term Conflict Detection",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-05",
     "name": "Data Use Policy Enforcement",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-06",
     "name": "Communication and Commitment Policy",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-07",
     "name": "Third-Party Policy Requirements",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-08",
     "name": "Policy Obligation Gap Analysis",
     "requirement_id": "§9.1 — Monitoring, measurement, analysis and evaluation",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-01",
     "name": "AI Procurement Policy Integration",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-02",
     "name": "AI-Initiated Commitment Controls",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-03",
     "name": "Vendor Qualification Enforcement",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-04",
     "name": "Contract Review Gate Compliance",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-05",
     "name": "SLA Commitment Governance",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-06",
     "name": "AI in Contract Negotiation Controls",
     "requirement_id": "§8.1 — Operational planning and control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-07",
     "name": "Contract Obligation Monitoring",
     "requirement_id": "§9.1 — Monitoring, measurement, analysis and evaluation",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PR-08",
     "name": "Procurement Audit Trail",
     "requirement_id": "§9.1 — Monitoring, measurement, analysis and evaluation",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-01",
     "name": "Policy Adherence Monitoring",
     "requirement_id": "§9.1 — Monitoring, measurement, analysis and evaluation",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PG-02",
     "name": "Authority Limit Monitoring",
     "requirement_id": "§9.1 — Monitoring, measurement, analysis and evaluation",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PG-03",
     "name": "Contract Obligation Compliance Monitoring",
     "requirement_id": "§9.1 — Monitoring, measurement, analysis and evaluation",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PG-04",
     "name": "Policy Incident Classification and Response",
     "requirement_id": "§8.2 — Establishing controls and procedures",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-06",
     "name": "Operating Intent Drift Detection",
     "requirement_id": "§9.1 — Monitoring, measurement, analysis and evaluation",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PG-07",
     "name": "Policy Governance Reporting",
     "requirement_id": "§9.1 — Monitoring, measurement, analysis and evaluation",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-08",
     "name": "Lessons Learned and Policy Improvement",
     "requirement_id": "§10.1 — Continual improvement",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PE-01",
     "name": "Policy Evidence Archive",
     "requirement_id": "§7.5 — Documented information",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-03",
     "name": "Internal Audit Support Package",
     "requirement_id": "§9.2 — Internal audit",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PE-04",
     "name": "Cross-Domain Policy Evidence Integration",
     "requirement_id": "§9.1 — Monitoring, measurement, analysis and evaluation",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PE-05",
     "name": "Contract Audit Trail",
     "requirement_id": "§9.1 — Monitoring, measurement, analysis and evaluation",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-07",
     "name": "Policy Governance Program Assessment",
     "requirement_id": "§9.2 — Internal audit",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-08",
     "name": "Policy Attestation",
     "requirement_id": "§9.1 — Monitoring, measurement, analysis and evaluation",
     "fit": "adjacent"
    }
   ],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PV-03",
     "name": "Intended Purpose Alignment Review",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PV-04",
     "name": "Authorized Knowledge Source Registry",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PA-01",
     "name": "Delegation of Authority Integration",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PA-02",
     "name": "Approval Limit Enforcement",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PA-03",
     "name": "Escalation Gate Design and Testing",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PA-05",
     "name": "Multi-Party Approval Workflow",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PA-06",
     "name": "Emergency Override and Break-Glass",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PA-07",
     "name": "Approval Record and Audit Trail",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PA-08",
     "name": "Authority Scope Change Notification",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PO-01",
     "name": "Internal Policy Register for AI Deployments",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PO-02",
     "name": "Policy Version Control and Distribution",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PO-03",
     "name": "Contractual Obligation Extraction",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PO-04",
     "name": "Contract Term Conflict Detection",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PO-05",
     "name": "Data Use Policy Enforcement",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PO-06",
     "name": "Communication and Commitment Policy",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PO-07",
     "name": "Third-Party Policy Requirements",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PO-08",
     "name": "Policy Obligation Gap Analysis",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PR-01",
     "name": "AI Procurement Policy Integration",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PR-02",
     "name": "AI-Initiated Commitment Controls",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PR-03",
     "name": "Vendor Qualification Enforcement",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PR-04",
     "name": "Contract Review Gate Compliance",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PR-05",
     "name": "SLA Commitment Governance",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PR-06",
     "name": "AI in Contract Negotiation Controls",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PR-07",
     "name": "Contract Obligation Monitoring",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PR-08",
     "name": "Procurement Audit Trail",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PG-01",
     "name": "Policy Adherence Monitoring",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PG-02",
     "name": "Authority Limit Monitoring",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PG-03",
     "name": "Contract Obligation Compliance Monitoring",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PG-04",
     "name": "Policy Incident Classification and Response",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PG-07",
     "name": "Policy Governance Reporting",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PG-08",
     "name": "Lessons Learned and Policy Improvement",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PE-01",
     "name": "Policy Evidence Archive",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PE-03",
     "name": "Internal Audit Support Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PE-05",
     "name": "Contract Audit Trail",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PE-07",
     "name": "Policy Governance Program Assessment",
     "relationship": "normative_requirement"
    }
   ],
   "by_domain": {
    "compliance": 46,
    "authority": 38
   },
   "title": "ISO 37301:2021",
   "total": 119
  },
  {
   "source_id": "sr26_2",
   "framework_refs": [
    {
     "domain": "model",
     "control": "LI-01",
     "name": "Unique Model Identity and Content-Addressed Version Hash",
     "requirement_id": "Sec. VI",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "LI-04",
     "name": "Structured Model Documentation — Complete Model Card with All Required Sections",
     "requirement_id": "Sec. IV",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-01",
     "name": "Training Data Quality Gates",
     "requirement_id": "Sec. IV",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-02",
     "name": "Bias and Representativeness Assessment",
     "requirement_id": "Sec. IV",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-03",
     "name": "Data Rights, Lawful Authority and Permitted Use",
     "requirement_id": "Sec. IV",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-04",
     "name": "Data Poisoning Prevention",
     "requirement_id": "Sec. IV",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-05",
     "name": "Train/Evaluation/Test Separation and Contamination Prevention",
     "requirement_id": "Sec. V",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-07",
     "name": "Third-Party Dataset Governance",
     "requirement_id": "Sec. VII",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-01",
     "name": "Pre-Deployment Evaluation Gate",
     "requirement_id": "Sec. V",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-02",
     "name": "Fitness, Safety, Reliability and Policy-Conformance Evaluation",
     "requirement_id": "Sec. V",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-04",
     "name": "Adversarial Red-Team Testing",
     "requirement_id": "Sec. V",
     "fit": "adjacent"
    },
    {
     "domain": "model",
     "control": "EV-05",
     "name": "Fairness and Bias Evaluation",
     "requirement_id": "Sec. V",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-06",
     "name": "Reproducible Evaluation Design",
     "requirement_id": "Sec. V",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-07",
     "name": "Regression Testing on Updates",
     "requirement_id": "Sec. V",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-08",
     "name": "Independent Validation",
     "requirement_id": "Sec. V",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-09",
     "name": "Risk and Applicability Classification",
     "requirement_id": "Sec. VI",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-10",
     "name": "Evaluation Result Provenance",
     "requirement_id": "Sec. V",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-01",
     "name": "Model Ownership Assignment",
     "requirement_id": "Sec. VI",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-02",
     "name": "Meaningful Human Oversight for High-Stakes Decisions",
     "requirement_id": "Sec. IV",
     "fit": "adjacent"
    },
    {
     "domain": "model",
     "control": "OA-03",
     "name": "AI Model Governance Committee",
     "requirement_id": "Sec. VI",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-05",
     "name": "Regulatory and Legal Review Sign-Off",
     "requirement_id": "Sec. VI",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-06",
     "name": "Third-Party Model and Vendor Risk Oversight",
     "requirement_id": "Sec. VII",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-07",
     "name": "Incident Escalation Authority Chain",
     "requirement_id": "Sec. VI",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-01",
     "name": "Output Anomaly Detection",
     "requirement_id": "Sec. V",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-02",
     "name": "Concept and Data Drift Detection",
     "requirement_id": "Sec. V",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-03",
     "name": "Production Performance Degradation Alerting",
     "requirement_id": "Sec. V",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-05",
     "name": "Usage Telemetry and Decision Logging",
     "requirement_id": "Sec. VI",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-01",
     "name": "Continuous Production Monitoring and Risk Aggregation",
     "requirement_id": "Sec. V",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-02",
     "name": "Model Evidence Archive and Audit Trail",
     "requirement_id": "Sec. VI",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-03",
     "name": "Scheduled Model Re-validation",
     "requirement_id": "Sec. V",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-04",
     "name": "AI Incident Response Management",
     "requirement_id": "Sec. V",
     "fit": "adjacent"
    },
    {
     "domain": "model",
     "control": "CR-05",
     "name": "Regulatory Notification and Statutory Reporting",
     "requirement_id": "Sec. VI",
     "fit": "adjacent"
    },
    {
     "domain": "model",
     "control": "CR-06",
     "name": "Post-Market Surveillance",
     "requirement_id": "Sec. V",
     "fit": "adjacent"
    },
    {
     "domain": "model",
     "control": "CR-08",
     "name": "Cross-Domain Assurance Coordination",
     "requirement_id": "Sec. VI",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MR-01",
     "name": "SR 26-2 Model Inventory and Risk Tiering",
     "requirement_id": "§VI (Model Inventory)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MR-02",
     "name": "Model Risk Governance Policy Framework",
     "requirement_id": "§VI (Governance and Controls)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MR-03",
     "name": "Pre-Deployment Model Risk Assessment",
     "requirement_id": "§V (Validation and Monitoring)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MR-04",
     "name": "Model Risk Appetite and Material Model Thresholds",
     "requirement_id": "§III (Overview of Model Risk and MRM)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MR-05",
     "name": "Ongoing Model Risk Monitoring",
     "requirement_id": "§V (Ongoing Model Monitoring)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MR-06",
     "name": "Third-Party and Vendor AI Model Risk Management",
     "requirement_id": "§VII (Vendor and Third-Party)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MR-07",
     "name": "Emerging Model Risk Identification",
     "requirement_id": "§III (Overview of Model Risk and MRM)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MR-08",
     "name": "Model Risk Evidence Package",
     "requirement_id": "§VI (Documentation)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MV-01",
     "name": "Independent Validation Function Charter",
     "requirement_id": "§V (Validation and Monitoring)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MV-02",
     "name": "Conceptual Soundness Assessment",
     "requirement_id": "§V (Conceptual Soundness)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MV-03",
     "name": "Outcome Analysis and Backtesting",
     "requirement_id": "§V (Outcomes Analysis)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MV-04",
     "name": "Benchmarking and Challenger Models",
     "requirement_id": "§V (Conceptual Soundness)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MV-05",
     "name": "Validation Frequency and Trigger-Based Review",
     "requirement_id": "§V (Ongoing Model Monitoring)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MV-06",
     "name": "Validation Scope for AI/ML and LLM Models",
     "requirement_id": "§V (Validation and Monitoring)",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-07",
     "name": "Validation Finding Escalation and Remediation",
     "requirement_id": "§V + §VI",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MV-08",
     "name": "Model Validation Evidence Package",
     "requirement_id": "§VI (Documentation)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FD-04",
     "name": "Model Output Disclosure to Financial Regulators",
     "requirement_id": "§VI (Documentation)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FD-07",
     "name": "Model Transparency Dashboard for Senior Management",
     "requirement_id": "§V (Ongoing Model Monitoring)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FD-08",
     "name": "Financial Disclosure Evidence Package",
     "requirement_id": "§VI (Documentation)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-01",
     "name": "SOX 302/404 Controls over AI-Generated Financial Data",
     "requirement_id": "§V (Validation and Monitoring)",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-04",
     "name": "Change Management Controls for Financial AI Systems",
     "requirement_id": "§V",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-06",
     "name": "AI Operational Error and Financial Exception Management",
     "requirement_id": "§V (Ongoing Model Monitoring)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-07",
     "name": "Financial Data Integrity Monitoring",
     "requirement_id": "§IV",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FP-01",
     "name": "AI Use Policy for Financial Decision-Making",
     "requirement_id": "§VI (Governance and Controls)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FP-02",
     "name": "Prohibited AI Use Cases in Financial Services",
     "requirement_id": "§VI (Governance and Controls)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FP-03",
     "name": "Financial AI Risk Appetite Statement",
     "requirement_id": "§III (Overview of Model Risk and MRM)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FP-04",
     "name": "AI Procurement and Vendor Management Policy for Finance",
     "requirement_id": "§VII (Vendor and Third-Party)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FP-05",
     "name": "Data Governance Policy for Financial AI",
     "requirement_id": "§IV",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FP-06",
     "name": "Financial AI Change Control Policy",
     "requirement_id": "§V",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FP-07",
     "name": "AI Exception and Escalation Policy",
     "requirement_id": "§VI (Governance and Controls)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FP-08",
     "name": "Financial Policy Evidence Package",
     "requirement_id": "§VI (Documentation)",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-01",
     "name": "Finance AI Governance Structure",
     "requirement_id": "§VI (Governance and Controls)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-02",
     "name": "Senior and Named Accountability for Financial AI Decisions",
     "requirement_id": "§VI (Roles and Responsibilities)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-03",
     "name": "Board-Level Oversight of Financial AI Risk",
     "requirement_id": "§VI (Roles and Responsibilities)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-06",
     "name": "Financial AI Program Metrics and Board Reporting",
     "requirement_id": "§VI (Roles and Responsibilities)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-07",
     "name": "Annual AI Governance Review",
     "requirement_id": "§VI (Governance and Controls)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-08",
     "name": "FinanceAttestation Production",
     "requirement_id": "§VI (Documentation)",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "model",
     "control": "LI-01",
     "name": "Unique Model Identity and Content-Addressed Version Hash",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "LI-04",
     "name": "Structured Model Documentation — Complete Model Card with All Required Sections",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "TG-02",
     "name": "Bias and Representativeness Assessment",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "TG-03",
     "name": "Data Rights, Lawful Authority and Permitted Use",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "TG-05",
     "name": "Train/Evaluation/Test Separation and Contamination Prevention",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "TG-07",
     "name": "Third-Party Dataset Governance",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "EV-01",
     "name": "Pre-Deployment Evaluation Gate",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "EV-07",
     "name": "Regression Testing on Updates",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "EV-08",
     "name": "Independent Validation",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "EV-09",
     "name": "Risk and Applicability Classification",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "EV-10",
     "name": "Evaluation Result Provenance",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "OA-01",
     "name": "Model Ownership Assignment",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "OA-03",
     "name": "AI Model Governance Committee",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "OA-05",
     "name": "Regulatory and Legal Review Sign-Off",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "OA-06",
     "name": "Third-Party Model and Vendor Risk Oversight",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "BH-02",
     "name": "Concept and Data Drift Detection",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "BH-03",
     "name": "Production Performance Degradation Alerting",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "BH-05",
     "name": "Usage Telemetry and Decision Logging",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "CR-01",
     "name": "Continuous Production Monitoring and Risk Aggregation",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "CR-02",
     "name": "Model Evidence Archive and Audit Trail",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "CR-03",
     "name": "Scheduled Model Re-validation",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "CR-04",
     "name": "AI Incident Response Management",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "CR-05",
     "name": "Regulatory Notification and Statutory Reporting",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {
    "model": 34,
    "finance": 37
   },
   "title": "Federal Reserve SR 26-2",
   "total": 94
  },
  {
   "source_id": "microsoft_purview_compliance_2024",
   "framework_refs": [
    {
     "domain": "compliance",
     "control": "CA-01",
     "name": "Regulatory Scope Determination",
     "requirement_id": "Assessment template",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-02",
     "name": "Compliance Framework Selection and Mapping",
     "requirement_id": "Control mapping",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-03",
     "name": "Cross-Domain Evidence Routing",
     "requirement_id": "Improvement Action",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-04",
     "name": "Design-Time Compliance Classification",
     "requirement_id": "Assessment template",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-05",
     "name": "Regulatory Change Management",
     "requirement_id": "Assessment template",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-06",
     "name": "Compliance Obligation Gap Analysis",
     "requirement_id": "Improvement Action",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-07",
     "name": "Third-Party and Supply Chain Compliance Obligations",
     "requirement_id": "Assessment template",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "CA-08",
     "name": "Compliance Architecture Evidence Package",
     "requirement_id": "Compliance Score",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-01",
     "name": "Obligation Register",
     "requirement_id": "Assessment template",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-02",
     "name": "Obligation Owner Assignment",
     "requirement_id": "Improvement Action",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-03",
     "name": "Obligation Due Date and Milestone Tracking",
     "requirement_id": "Improvement Action",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-04",
     "name": "EU AI Act Conformity Assessment Obligation Management",
     "requirement_id": "Assessment template",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-05",
     "name": "DORA ICT Obligation Tracking",
     "requirement_id": "Assessment template",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-06",
     "name": "Contractual AI Obligation Management",
     "requirement_id": "Control mapping",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-07",
     "name": "Obligation Fulfillment Verification",
     "requirement_id": "Compliance Score",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-08",
     "name": "Obligations Evidence Package",
     "requirement_id": "Compliance Score",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-01",
     "name": "EU AI Act High-Risk AI System Classification",
     "requirement_id": "Assessment template — EU AI Act",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "RF-02",
     "name": "EU AI Act Conformity Assessment Pathway Selection",
     "requirement_id": "Assessment template — EU AI Act",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "RF-03",
     "name": "EU AI Act Technical Documentation Package (Art. 11)",
     "requirement_id": "Assessment template — EU AI Act",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "RF-04",
     "name": "EU AI Act Post-Market Monitoring Plan (Art. 72)",
     "requirement_id": "Improvement Action",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "RF-05",
     "name": "FedRAMP Authorization Support for AI Systems",
     "requirement_id": "FedRAMP High & DoD IL5",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-06",
     "name": "SOC 2 AI-Specific Evidence Production",
     "requirement_id": "Assessment template",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-07",
     "name": "ISO 42001 Certification Pathway",
     "requirement_id": "ISO 42001 assessment",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-01",
     "name": "Compliance Control Testing Program",
     "requirement_id": "Improvement actions",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-02",
     "name": "Continuous Compliance Monitoring",
     "requirement_id": "Compliance score monitoring",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-03",
     "name": "AI-Specific Compliance KPIs",
     "requirement_id": "Compliance score",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-04",
     "name": "Compliance Tooling Implementation",
     "requirement_id": "Compliance Manager platform",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-06",
     "name": "Internal Audit of AI Compliance Controls",
     "requirement_id": "Assessment template",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CI-07",
     "name": "Remediation Tracking and Closure",
     "requirement_id": "Improvement Action",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CI-08",
     "name": "Compliance Implementation Evidence Package",
     "requirement_id": "Assessment template",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-01",
     "name": "Audit Readiness Program",
     "requirement_id": "Assessment template",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-02",
     "name": "Evidence Collection, Curation, and Validation",
     "requirement_id": "Control mapping",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-03",
     "name": "Auditor Access and Cooperation Protocols",
     "requirement_id": "Assessment template",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "AU-04",
     "name": "Audit Trail Integrity",
     "requirement_id": "Compliance Score",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "AU-05",
     "name": "Regulatory Examination Response Program",
     "requirement_id": "Assessment template",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-06",
     "name": "Audit Finding Remediation Program",
     "requirement_id": "Improvement Action",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-07",
     "name": "Multi-Framework Evidence Reuse",
     "requirement_id": "Improvement Actions",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "AU-08",
     "name": "ComplianceAttestation Production",
     "requirement_id": "Compliance Score",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-01",
     "name": "Compliance Governance Structure",
     "requirement_id": "Assessment template",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-02",
     "name": "Compliance Policy Framework for AI",
     "requirement_id": "Assessment template",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-03",
     "name": "Senior and Board-Level Accountability for AI Compliance",
     "requirement_id": "Compliance Score",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-04",
     "name": "Compliance Risk Appetite Definition",
     "requirement_id": "Compliance Score",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-05",
     "name": "Compliance Program Resourcing",
     "requirement_id": "Assessment template",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-06",
     "name": "Compliance Incident Response",
     "requirement_id": "Improvement Action",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-07",
     "name": "Compliance Program Metrics and KPIs",
     "requirement_id": "Compliance Score",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-08",
     "name": "Compliance Governance Evidence Package",
     "requirement_id": "Assessment template",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "compliance",
     "control": "CA-01",
     "name": "Regulatory Scope Determination",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-02",
     "name": "Compliance Framework Selection and Mapping",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-03",
     "name": "Cross-Domain Evidence Routing",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-04",
     "name": "Design-Time Compliance Classification",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-05",
     "name": "Regulatory Change Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-06",
     "name": "Compliance Obligation Gap Analysis",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-07",
     "name": "Third-Party and Supply Chain Compliance Obligations",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-08",
     "name": "Compliance Architecture Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-01",
     "name": "Obligation Register",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-02",
     "name": "Obligation Owner Assignment",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-03",
     "name": "Obligation Due Date and Milestone Tracking",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-04",
     "name": "EU AI Act Conformity Assessment Obligation Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-05",
     "name": "DORA ICT Obligation Tracking",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-06",
     "name": "Contractual AI Obligation Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-07",
     "name": "Obligation Fulfillment Verification",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-08",
     "name": "Obligations Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-01",
     "name": "EU AI Act High-Risk AI System Classification",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-02",
     "name": "EU AI Act Conformity Assessment Pathway Selection",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-03",
     "name": "EU AI Act Technical Documentation Package (Art. 11)",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-04",
     "name": "EU AI Act Post-Market Monitoring Plan (Art. 72)",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-05",
     "name": "FedRAMP Authorization Support for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-06",
     "name": "SOC 2 AI-Specific Evidence Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-07",
     "name": "ISO 42001 Certification Pathway",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-08",
     "name": "Regulatory Framework Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CI-01",
     "name": "Compliance Control Testing Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CI-02",
     "name": "Continuous Compliance Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CI-03",
     "name": "AI-Specific Compliance KPIs",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CI-04",
     "name": "Compliance Tooling Implementation",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CI-06",
     "name": "Internal Audit of AI Compliance Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CI-07",
     "name": "Remediation Tracking and Closure",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CI-08",
     "name": "Compliance Implementation Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-01",
     "name": "Audit Readiness Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-02",
     "name": "Evidence Collection, Curation, and Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-03",
     "name": "Auditor Access and Cooperation Protocols",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-04",
     "name": "Audit Trail Integrity",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-05",
     "name": "Regulatory Examination Response Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-06",
     "name": "Audit Finding Remediation Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-07",
     "name": "Multi-Framework Evidence Reuse",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-08",
     "name": "ComplianceAttestation Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-01",
     "name": "Compliance Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-02",
     "name": "Compliance Policy Framework for AI",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-03",
     "name": "Senior and Board-Level Accountability for AI Compliance",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-04",
     "name": "Compliance Risk Appetite Definition",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-05",
     "name": "Compliance Program Resourcing",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-06",
     "name": "Compliance Incident Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-07",
     "name": "Compliance Program Metrics and KPIs",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-08",
     "name": "Compliance Governance Evidence Package",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "compliance": 46
   },
   "title": "Microsoft Purview Compliance Manager",
   "total": 93
  },
  {
   "source_id": "google_sre_workbook_2018",
   "framework_refs": [
    {
     "domain": "resilience",
     "control": "RV-01",
     "name": "AI System RTO/RPO Definition and Validation",
     "requirement_id": "SLO/Error Budget Policy – Defining and enforcing availability targets",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-02",
     "name": "Resilience Control Verification Testing",
     "requirement_id": "Production Readiness Review – Reliability and resilience control verification",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-03",
     "name": "Chaos Engineering for AI Systems",
     "requirement_id": "Ch. 22",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-04",
     "name": "Recovery Capability Verification After Actual Incident",
     "requirement_id": "Postmortem Culture – Blameless postmortems with tracked action items",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-05",
     "name": "Third-Party AI Dependency Resilience Assessment",
     "requirement_id": "Production Readiness Review – Third-party dependency resilience evaluation",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RV-06",
     "name": "Multi-Region and Multi-AZ Resilience Verification",
     "requirement_id": "Error budget policies – Multi-region SLO maintenance and failover",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RV-07",
     "name": "Degraded-Mode AI Operation Testing",
     "requirement_id": "Ch. 22",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-08",
     "name": "Resilience Verification Evidence Package",
     "requirement_id": "Postmortem practices and PRR – Resilience evidence from SRE operational artifacts",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-01",
     "name": "AI-Specific Business Continuity Plan",
     "requirement_id": "Production readiness review — Availability requirements",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RP-02",
     "name": "AI System Disaster Recovery Plan",
     "requirement_id": "Incident management and Production Readiness Review",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-03",
     "name": "Model Rollback and Previous Version Recovery Planning",
     "requirement_id": "Production Readiness Review — Rollback readiness criteria",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RP-04",
     "name": "RAG Index and Knowledge Base Recovery Plan",
     "requirement_id": "Production Readiness Review — Data infrastructure recovery readiness",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RP-05",
     "name": "Recovery Priority Classification for AI Systems",
     "requirement_id": "Error budget policies — Service tier definition by SLO",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RP-06",
     "name": "Third-Party AI Provider Outage Response Plan",
     "requirement_id": "Cascading failure prevention",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RP-07",
     "name": "Recovery Plan Testing and Tabletop Exercises",
     "requirement_id": "Disaster Recovery Testing (DiRT) and game days",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-01",
     "name": "AI System Failover Execution Procedures",
     "requirement_id": "Production Readiness Review — Failover procedures and incident response runbooks",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RO-02",
     "name": "Model Rollback Execution and Validation",
     "requirement_id": "Ch. 8",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-03",
     "name": "Data Recovery and Integrity Verification Post-Incident",
     "requirement_id": "Incident management — Verification of data consistency before incident resolution",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RO-04",
     "name": "Recovery Operations Communication Protocol",
     "requirement_id": "Incident management — Incident Commander role and structured stakeholder communication cadence",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-05",
     "name": "Pre-Restoration Validation Before Traffic Resumption",
     "requirement_id": "Ch. 14",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-06",
     "name": "Recovery Operations Audit Trail",
     "requirement_id": "Postmortem practices — Timestamped action log and incident timeline reconstruction",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-07",
     "name": "Recovery Time Compliance Verification",
     "requirement_id": "SLO management — Error budget consumption and SLA breach detection",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-08",
     "name": "Recovery Operations Evidence Package",
     "requirement_id": "Postmortem practices — Structured incident report with timeline, root cause, and remediation tracking",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "FO-01",
     "name": "Graceful Degradation Design Patterns",
     "requirement_id": "Ch. 22",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "FO-02",
     "name": "Circuit Breaker Implementation for AI Integrations",
     "requirement_id": "Ch. 22",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "FO-03",
     "name": "Fallback Behavior Governance",
     "requirement_id": "Ch. 22",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "FO-05",
     "name": "Cascade Failure Prevention in Multi-Agent Pipelines",
     "requirement_id": "Ch. 22",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "FO-06",
     "name": "Load Shedding and Backpressure Mechanisms",
     "requirement_id": "Ch. 22",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "FO-07",
     "name": "Fault Tolerance Test Coverage",
     "requirement_id": "Ch. 33",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "FO-08",
     "name": "Fault Tolerance Evidence Package",
     "requirement_id": "Production readiness review: fault tolerance criteria",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-01",
     "name": "High Availability Architecture for AI Systems",
     "requirement_id": "Ch. 3",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-01",
     "name": "High Availability Architecture for AI Systems",
     "requirement_id": "SRE Workbook Ch. 2 — Implementing SLOs",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RE-02",
     "name": "Stateless Agent Design and Session Recovery",
     "requirement_id": "Ch. 26",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RE-03",
     "name": "Data Redundancy and Backup Governance",
     "requirement_id": "Google SRE — Postmortem practices and error budget policies: data loss event analysis and backup governance improvement cycles",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RE-04",
     "name": "Infrastructure-as-Code for Reproducible Recovery",
     "requirement_id": "Google SRE — Production readiness review and change management: controlled, auditable infrastructure change processes",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RE-05",
     "name": "Dependency Isolation and Bulkhead Patterns",
     "requirement_id": "Ch. 21",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-06",
     "name": "DORA Compliance Architecture for AI Systems",
     "requirement_id": "Google SRE — Incident management, postmortem practices, and SLO management: operational resilience evidence for DORA supervisory reporting",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RE-07",
     "name": "Resilience Engineering Review in Development Lifecycle",
     "requirement_id": "Ch. 32",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-08",
     "name": "Resilience Engineering Evidence Package",
     "requirement_id": "Google SRE — Postmortem practices and production readiness review: structured post-incident and pre-deployment resilience evidence artifacts",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RG-01",
     "name": "Resilience Governance Structure",
     "requirement_id": "Production readiness review",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RG-02",
     "name": "Resilience Policy Framework",
     "requirement_id": "Error budget policies",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RG-04",
     "name": "Resilience Risk Appetite and Threshold Setting",
     "requirement_id": "SRE Book Ch. 3",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RG-05",
     "name": "Resilience Program Resourcing",
     "requirement_id": "Toil reduction and on-call practices",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RG-06",
     "name": "Resilience Incident Response Integration",
     "requirement_id": "Incident management and postmortem practices",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-07",
     "name": "Resilience Program Metrics and Board Reporting",
     "requirement_id": "SLO/SLA management and error budget policies",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-08",
     "name": "ResilienceAttestation Production",
     "requirement_id": "Production readiness review",
     "fit": "adjacent"
    }
   ],
   "source_refs": [
    {
     "domain": "resilience",
     "control": "RV-01",
     "name": "AI System RTO/RPO Definition and Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-02",
     "name": "Resilience Control Verification Testing",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-03",
     "name": "Chaos Engineering for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-04",
     "name": "Recovery Capability Verification After Actual Incident",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-05",
     "name": "Third-Party AI Dependency Resilience Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-06",
     "name": "Multi-Region and Multi-AZ Resilience Verification",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-07",
     "name": "Degraded-Mode AI Operation Testing",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-08",
     "name": "Resilience Verification Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-01",
     "name": "AI-Specific Business Continuity Plan",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-02",
     "name": "AI System Disaster Recovery Plan",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-03",
     "name": "Model Rollback and Previous Version Recovery Planning",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-04",
     "name": "RAG Index and Knowledge Base Recovery Plan",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-05",
     "name": "Recovery Priority Classification for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-06",
     "name": "Third-Party AI Provider Outage Response Plan",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-07",
     "name": "Recovery Plan Testing and Tabletop Exercises",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-01",
     "name": "AI System Failover Execution Procedures",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-02",
     "name": "Model Rollback Execution and Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-03",
     "name": "Data Recovery and Integrity Verification Post-Incident",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-04",
     "name": "Recovery Operations Communication Protocol",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-05",
     "name": "Pre-Restoration Validation Before Traffic Resumption",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-06",
     "name": "Recovery Operations Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-07",
     "name": "Recovery Time Compliance Verification",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-08",
     "name": "Recovery Operations Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "FO-01",
     "name": "Graceful Degradation Design Patterns",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "FO-02",
     "name": "Circuit Breaker Implementation for AI Integrations",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "FO-03",
     "name": "Fallback Behavior Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "FO-05",
     "name": "Cascade Failure Prevention in Multi-Agent Pipelines",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "FO-06",
     "name": "Load Shedding and Backpressure Mechanisms",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "FO-07",
     "name": "Fault Tolerance Test Coverage",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "FO-08",
     "name": "Fault Tolerance Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-01",
     "name": "High Availability Architecture for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-02",
     "name": "Stateless Agent Design and Session Recovery",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-03",
     "name": "Data Redundancy and Backup Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-04",
     "name": "Infrastructure-as-Code for Reproducible Recovery",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-05",
     "name": "Dependency Isolation and Bulkhead Patterns",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-06",
     "name": "DORA Compliance Architecture for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-07",
     "name": "Resilience Engineering Review in Development Lifecycle",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-08",
     "name": "Resilience Engineering Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-01",
     "name": "Resilience Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-02",
     "name": "Resilience Policy Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-04",
     "name": "Resilience Risk Appetite and Threshold Setting",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-05",
     "name": "Resilience Program Resourcing",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-06",
     "name": "Resilience Incident Response Integration",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-07",
     "name": "Resilience Program Metrics and Board Reporting",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-08",
     "name": "ResilienceAttestation Production",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "resilience": 46
   },
   "title": "Site Reliability Engineering (SRE Book, 2016)",
   "total": 91
  },
  {
   "source_id": "google_cloud_financial_services_ai_2024",
   "framework_refs": [
    {
     "domain": "finance",
     "control": "MR-01",
     "name": "SR 26-2 Model Inventory and Risk Tiering",
     "requirement_id": "Vertex AI Model Registry",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-02",
     "name": "Model Risk Governance Policy Framework",
     "requirement_id": "Google Cloud compliance offerings",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-03",
     "name": "Pre-Deployment Model Risk Assessment",
     "requirement_id": "Explainable AI",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-04",
     "name": "Model Risk Appetite and Material Model Thresholds",
     "requirement_id": "Model Cards",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-05",
     "name": "Ongoing Model Risk Monitoring",
     "requirement_id": "Vertex AI Model Monitoring",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-06",
     "name": "Third-Party and Vendor AI Model Risk Management",
     "requirement_id": "Google Cloud compliance offerings",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-07",
     "name": "Emerging Model Risk Identification",
     "requirement_id": "Model Cards",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-08",
     "name": "Model Risk Evidence Package",
     "requirement_id": "Google Cloud compliance offerings",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-01",
     "name": "Independent Validation Function Charter",
     "requirement_id": "Vertex AI Model Registry",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-02",
     "name": "Conceptual Soundness Assessment",
     "requirement_id": "Explainable AI",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-03",
     "name": "Outcome Analysis and Backtesting",
     "requirement_id": "Vertex AI Model Monitoring",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-04",
     "name": "Benchmarking and Challenger Models",
     "requirement_id": "Vertex AI Model Monitoring",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-05",
     "name": "Validation Frequency and Trigger-Based Review",
     "requirement_id": "Vertex AI Model Monitoring",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-06",
     "name": "Validation Scope for AI/ML and LLM Models",
     "requirement_id": "Explainable AI",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MV-07",
     "name": "Validation Finding Escalation and Remediation",
     "requirement_id": "Vertex AI Model Registry",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-08",
     "name": "Model Validation Evidence Package",
     "requirement_id": "Model Cards",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-01",
     "name": "AI-Driven Decision Transparency and Auditability",
     "requirement_id": "Explainable AI",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-02",
     "name": "ECOA/Reg B Adverse Action Notice for AI Decisions",
     "requirement_id": "Explainable AI",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-03",
     "name": "Fair Lending AI Explainability",
     "requirement_id": "Explainable AI",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-06",
     "name": "AI System Disclosure in Financial Filings",
     "requirement_id": "Google Cloud compliance offerings",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-07",
     "name": "Model Transparency Dashboard for Senior Management",
     "requirement_id": "Vertex AI Model Monitoring",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-08",
     "name": "Financial Disclosure Evidence Package",
     "requirement_id": "Model Cards",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-01",
     "name": "SOX 302/404 Controls over AI-Generated Financial Data",
     "requirement_id": "Vertex AI Model Registry",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-02",
     "name": "AI-Generated Output Materiality Assessment",
     "requirement_id": "Explainable AI",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-03",
     "name": "Reconciliation Controls for AI-Influenced Financial Outputs",
     "requirement_id": "Vertex AI Model Monitoring",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-04",
     "name": "Change Management Controls for Financial AI Systems",
     "requirement_id": "Vertex AI Model Registry",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-05",
     "name": "Access Controls for Financial AI Systems",
     "requirement_id": "Cloud IAM",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FC-06",
     "name": "AI Operational Error and Financial Exception Management",
     "requirement_id": "Vertex AI Model Monitoring",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-07",
     "name": "Financial Data Integrity Monitoring",
     "requirement_id": "Vertex AI Model Monitoring",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-08",
     "name": "Financial Controls Evidence Package",
     "requirement_id": "Google Cloud compliance offerings",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-01",
     "name": "AI Use Policy for Financial Decision-Making",
     "requirement_id": "Vertex AI Model Registry",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-02",
     "name": "Prohibited AI Use Cases in Financial Services",
     "requirement_id": "Google Cloud compliance offerings",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FP-03",
     "name": "Financial AI Risk Appetite Statement",
     "requirement_id": "Vertex AI Model Monitoring",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FP-04",
     "name": "AI Procurement and Vendor Management Policy for Finance",
     "requirement_id": "Google Cloud compliance offerings",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FP-05",
     "name": "Data Governance Policy for Financial AI",
     "requirement_id": "Vertex AI Model Monitoring",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-06",
     "name": "Financial AI Change Control Policy",
     "requirement_id": "Vertex AI Model Registry",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FP-07",
     "name": "AI Exception and Escalation Policy",
     "requirement_id": "Explainable AI",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FP-08",
     "name": "Financial Policy Evidence Package",
     "requirement_id": "Model Cards",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FG-01",
     "name": "Finance AI Governance Structure",
     "requirement_id": "Vertex AI Model Registry",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-02",
     "name": "Senior and Named Accountability for Financial AI Decisions",
     "requirement_id": "Vertex AI Model Registry",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-03",
     "name": "Board-Level Oversight of Financial AI Risk",
     "requirement_id": "Vertex AI Model Monitoring",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-04",
     "name": "Regulatory Relationship Management",
     "requirement_id": "Google Cloud compliance offerings",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-06",
     "name": "Financial AI Program Metrics and Board Reporting",
     "requirement_id": "Vertex AI Model Monitoring",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-07",
     "name": "Annual AI Governance Review",
     "requirement_id": "Google Cloud compliance offerings",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-08",
     "name": "FinanceAttestation Production",
     "requirement_id": "Google Cloud compliance offerings",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "finance",
     "control": "MR-01",
     "name": "SR 26-2 Model Inventory and Risk Tiering",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-02",
     "name": "Model Risk Governance Policy Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-03",
     "name": "Pre-Deployment Model Risk Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-04",
     "name": "Model Risk Appetite and Material Model Thresholds",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-05",
     "name": "Ongoing Model Risk Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-06",
     "name": "Third-Party and Vendor AI Model Risk Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-07",
     "name": "Emerging Model Risk Identification",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-08",
     "name": "Model Risk Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-01",
     "name": "Independent Validation Function Charter",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-02",
     "name": "Conceptual Soundness Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-03",
     "name": "Outcome Analysis and Backtesting",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-04",
     "name": "Benchmarking and Challenger Models",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-05",
     "name": "Validation Frequency and Trigger-Based Review",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-06",
     "name": "Validation Scope for AI/ML and LLM Models",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-07",
     "name": "Validation Finding Escalation and Remediation",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-08",
     "name": "Model Validation Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-01",
     "name": "AI-Driven Decision Transparency and Auditability",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-02",
     "name": "ECOA/Reg B Adverse Action Notice for AI Decisions",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-03",
     "name": "Fair Lending AI Explainability",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-04",
     "name": "Model Output Disclosure to Financial Regulators",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-06",
     "name": "AI System Disclosure in Financial Filings",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-07",
     "name": "Model Transparency Dashboard for Senior Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-08",
     "name": "Financial Disclosure Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-01",
     "name": "SOX 302/404 Controls over AI-Generated Financial Data",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-02",
     "name": "AI-Generated Output Materiality Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-03",
     "name": "Reconciliation Controls for AI-Influenced Financial Outputs",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-04",
     "name": "Change Management Controls for Financial AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-05",
     "name": "Access Controls for Financial AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-06",
     "name": "AI Operational Error and Financial Exception Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-07",
     "name": "Financial Data Integrity Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-08",
     "name": "Financial Controls Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-01",
     "name": "AI Use Policy for Financial Decision-Making",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-02",
     "name": "Prohibited AI Use Cases in Financial Services",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-03",
     "name": "Financial AI Risk Appetite Statement",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-04",
     "name": "AI Procurement and Vendor Management Policy for Finance",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-05",
     "name": "Data Governance Policy for Financial AI",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-06",
     "name": "Financial AI Change Control Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-07",
     "name": "AI Exception and Escalation Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-08",
     "name": "Financial Policy Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-01",
     "name": "Finance AI Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-02",
     "name": "Senior and Named Accountability for Financial AI Decisions",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-03",
     "name": "Board-Level Oversight of Financial AI Risk",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-04",
     "name": "Regulatory Relationship Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-06",
     "name": "Financial AI Program Metrics and Board Reporting",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-07",
     "name": "Annual AI Governance Review",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-08",
     "name": "FinanceAttestation Production",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "finance": 45
   },
   "title": "Google Cloud Explainable AI",
   "total": 91
  },
  {
   "source_id": "owasp_aisvs_v1",
   "framework_refs": [
    {
     "domain": "security",
     "control": "IA-01",
     "name": "Give every agent its own distinct identity, never a shared or human login",
     "requirement_id": "C9.4.1 (unique per-agent cryptographic identity); C5.1.2 (short-lived signed agent tokens)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "requirement_id": "C5.1.2 (short-lived, minimal-scope agent tokens); C9.4.3 (credential rotation); C9.5.4 (no secrets in model context)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "IA-03",
     "name": "Act on the user's behalf with explicit approval for sensitive steps",
     "requirement_id": "C9.5.2 (scope-limited on-behalf-of delegation token); C9.2.1 (human approval for high-impact steps)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "IA-04",
     "name": "Check permission continuously at run time, not just once at login",
     "requirement_id": "C9.5.3 (authz decided by a policy engine, never the model); C9.5.6 (re-check authz per privileged action); C9.5.1 (fine-grained tool and parameter policy); C5.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "IA-05",
     "name": "Find and inventory every agent, surface the shadow ones",
     "requirement_id": "C3.1.1 (registry and inventory of deployed artifacts)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "IA-06",
     "name": "Bind a signed, end-to-end provenance chain to every agent action",
     "requirement_id": "C9.4.2 (bind each action to the execution chain for non-repudiation); C9.2.8 (cryptographic approval binding to params, identity, nonce)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-01",
     "name": "Run the agent in a sandbox, from process isolation up to micro-VMs",
     "requirement_id": "C4.1.1 (isolated execution sandbox); C9.3.1 (per-tool least-privilege sandbox); C4.2.2 (TEE hardware isolation)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-02",
     "name": "Filter the agent's outbound network traffic",
     "requirement_id": "C7.3.3 (block model-triggered outbound requests)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "EC-03",
     "name": "Keep memory short-lived, and validate anything written to it",
     "requirement_id": "C8.2.3 (validate writes to trusted memory); C8.3.1-C8.3.2 (memory expiry and reset); C9.4.4 (integrity-protect persisted agent state)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-04",
     "name": "Limit filesystem and tool access to the bare minimum",
     "requirement_id": "C9.5.1 (restrict invokable tools and parameter values); C9.3.1 (least-privilege tool sandbox); C5.2.1 (default-deny allowlist)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-05",
     "name": "Cap spend and resource use, stop denial-of-wallet",
     "requirement_id": "C9.1.1 (per-tool resource quotas and timeouts); C9.1.2 (execution budgets incl. monetary spend); C12.2.5 (granular token-usage tracking)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-06",
     "name": "Contain runaway loops and over-reach (least-agency)",
     "requirement_id": "C9.1.2 (recursion-depth and loop budgets); C9.1.3 (swarm-level kill-switch); C9.2.5 (restrict self-modification)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-07",
     "name": "Trust-rank retrieved content before it enters the agent's context",
     "requirement_id": "C8.2.4 (reject retrieval-manipulation content); C5.2.2 (per-stage retrieval authorization); C9.3.5 (isolate untrusted data from tool-calling)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-08",
     "name": "Keep secrets out of the prompt and context",
     "requirement_id": "C9.5.4 (no secrets in model context); C7.3.2 (block prompt and secret disclosure in output); C8.2.1 (mask sensitive data before embedding)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-09",
     "name": "Treat the workspace and its config and hooks as untrusted",
     "requirement_id": "C9.2.5 (restrict config and self-modification); C9.3.7 (allowlist external resources before install or invoke); C10.1.3 (sandbox locally-launched servers)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-10",
     "name": "Verify trigger provenance and admit autonomous runs",
     "requirement_id": "C12.4.1 (security evaluation in action triggers); C9.2.1 (gate high-impact triggers)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "PT-01",
     "name": "Authenticate and sign agent-to-agent communication",
     "requirement_id": "C9.4.1 (authenticated agent principals); C9.5.5 (policy-gated inter-agent delegation)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "requirement_id": "C10.2.5 (authorize every tool call incl. argument values); C10.2.4 (scope-limited tools/list); C10.1.2 (allowlisted MCP servers)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "requirement_id": "C10.3.3",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "requirement_id": "C10.3.4",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-03",
     "name": "Verify skill/tool manifest integrity and sign the supply chain",
     "requirement_id": "C10.1.1 (trusted, cryptographically-verified MCP components); C9.3.7 (registry and allowlist verification); C6.2.2 (signed AI BOM)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-04",
     "name": "Validate tool input/output, treat tool results as untrusted",
     "requirement_id": "C9.3.2 and C10.4.1 (schema-validate tool output before context); C10.4.2 (screen tool results for injection)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-05",
     "name": "Encode and validate the agent's own output before it reaches other systems",
     "requirement_id": "C7.1.1 (schema-validate model output); C7.3.4 (detect hidden or encoded output); C7.3.3 (block output-triggered outbound)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-06",
     "name": "Sanitize model-generated tool parameters, not just the schema",
     "requirement_id": "C10.4.3 (reject unrecognized or oversized tool params); C9.5.1 (constrain parameter values)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-07",
     "name": "Verify tool descriptions for hidden instructions (description injection)",
     "requirement_id": "C10.4.8 (tool-definition snapshots and re-approval on change); C10.4.2 (screen tool content for injection)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-08",
     "name": "Enforce an instruction hierarchy so tool output cannot give the agent orders",
     "requirement_id": "C2.1.6 (enforce instruction hierarchy: system and developer over user); C10.4.2 (screen tool output for injected instructions)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-01",
     "name": "Require a human hard-stop for irreversible actions",
     "requirement_id": "C9.2.1 (human approval before irreversible actions); C9.2.3-C9.2.4 (reversibility classification and enforcement); C9.6.1 (manual kill-switch)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-02",
     "name": "Keep an immutable, tamper-evident audit trail of what the agent did",
     "requirement_id": "C12.4.2 (log security-critical actions with approver, params, outcome); C12.5.3 (immutable audit records for model changes); C12.1.2 (policy decisions documente",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-03",
     "name": "Define multi-agent authority and conflict resolution explicitly",
     "requirement_id": "C9.5.5 (explicit inter-agent delegation policy); C9.2.10 (highest-impact class across multi-agent chains)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-04",
     "name": "Enforce policy as code at run time, in the request path",
     "requirement_id": "C9.5.3 (deterministic policy engine, not the model); C9.5.1 (fine-grained runtime policy enforcement)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-06",
     "name": "Cap the rate and volume of irreversible actions",
     "requirement_id": "C9.1.1-C9.1.2 (action quotas and budgets); C11.2.2 (per-principal and global rate limits)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-07",
     "name": "Protect humans from being deceived by an agent",
     "requirement_id": "C7.4.1-C7.4.2 (non-fabricated source attribution); C7.4.4 (AI-content watermarking)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "GV-08",
     "name": "Make high-impact actions transactional, atomic, idempotent, state-checked",
     "requirement_id": "C9.2.8 (nonce-bound approvals); C9.2.3-C9.2.4 (irreversibility handling)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "GV-10",
     "name": "Enable end-user responsibility and guard against automation bias",
     "requirement_id": "C9.2.2 (full, non-truncated action detail in approvals); C7.4.1 (source attribution)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "GV-11",
     "name": "Plan recovery and compensation for actions the agent already committed",
     "requirement_id": "C3.3.1-C3.3.2 (automated rollback and full state restoration); C9.2.3 (reversibility classification)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "RT-01",
     "name": "Capture OS-level telemetry of what the agent actually does",
     "requirement_id": "C12.1.1 (log agent actions with telemetry); C12.1.3 (structured, interoperable schema)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-02",
     "name": "Detect direct and indirect prompt injection at every input and output",
     "requirement_id": "C2.1.3 (injection detection on all steering inputs); C12.2.1 (alert on injection and jailbreak); C10.4.2 (screen tool results for indirect injection)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-03",
     "name": "Supervise the agent's reasoning and check it matches its actions",
     "requirement_id": "C9.2.6 (AI-augmented review of planned actions); C9.2.7 (harden the reviewer against injection)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-04",
     "name": "Detect anomalies and trigger pause, kill switch, or containment",
     "requirement_id": "C12.2.2 (anomaly detection); C9.3.8 (automated tool containment); C9.6.1 (kill-switch)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-05",
     "name": "Apply data-loss prevention to agent egress and interactions",
     "requirement_id": "C5.2.4 (post-inference filtering of unauthorized data); C7.3.2 (block sensitive disclosure); C12.2.6 (covert-channel monitoring)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-06",
     "name": "Map AI-native threats, extend ATT&CK/ATLAS to agentic orchestration",
     "requirement_id": "C12.2.3 (custom detection rules for coordinated and novel attacks)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "RT-07",
     "name": "Detect multi-agent collusion and covert channels",
     "requirement_id": "C12.2.6 (covert-channel indicators); C12.2.3 (coordinated-attack rules)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "AS-01",
     "name": "Adversarially red-team and evaluate the agent before launch",
     "requirement_id": "C11.1.3 (adversarial evaluation pre-release); C11.1.2 (versioned alignment test suite per release)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "AS-02",
     "name": "Statically analyze agent skills and manifests in CI",
     "requirement_id": "C6.1.1 (malicious-code scanning of artifacts); C6.2.3 (build-gate on AI BOM completeness)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "AS-03",
     "name": "Gate releases on continuous adversarial validation",
     "requirement_id": "C11.1.2 (alignment suite on every release); C11.1.5 (regression-flagging evaluator); C3.2.3 (re-eval on model or routing change)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "AS-06",
     "name": "Verify model-weights and training-data provenance before load",
     "requirement_id": "C3.1.3 (verify signatures at model load); C6.1.3 (artifact integrity verification); C6.2.1 (AI BOM data provenance)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "AS-07",
     "name": "Verify a skill does what it declares (behavioral integrity)",
     "requirement_id": "C6.1.4 (behavioral acceptance testing); C9.3.4 (enforce manifest-declared behavior at runtime)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-11",
     "name": "AI Accelerator Firmware and Trusted Execution Integrity",
     "requirement_id": "C4.2.1",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-11",
     "name": "AI Accelerator Firmware and Trusted Execution Integrity",
     "requirement_id": "C4.2.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-11",
     "name": "AI Accelerator Firmware and Trusted Execution Integrity",
     "requirement_id": "C4.2.4",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-11",
     "name": "AI Accelerator Firmware and Trusted Execution Integrity",
     "requirement_id": "C4.2.5",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-11",
     "name": "AI Accelerator Firmware and Trusted Execution Integrity",
     "requirement_id": "C4.2.3",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-11",
     "name": "AI Accelerator Firmware and Trusted Execution Integrity",
     "requirement_id": "C4.3.4",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "LI-01",
     "name": "Unique Model Identity and Content-Addressed Version Hash",
     "requirement_id": "C3.1",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "LI-02",
     "name": "Model Provenance Chain — Base Model, Fine-Tune, Merge, and Adapter Lineage",
     "requirement_id": "C6.2",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "LI-08",
     "name": "License and IP Governance — Dataset License Tracking, Derivative Work...",
     "requirement_id": "C1.1.5",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-01",
     "name": "Training Data Quality Gates",
     "requirement_id": "C1.3",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-02",
     "name": "Bias and Representativeness Assessment",
     "requirement_id": "C1.3",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-03",
     "name": "Data Rights, Lawful Authority and Permitted Use",
     "requirement_id": "C1.1",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-04",
     "name": "Data Poisoning Prevention",
     "requirement_id": "C1.3",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-05",
     "name": "Train/Evaluation/Test Separation and Contamination Prevention",
     "requirement_id": "C1.3",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-06",
     "name": "Sensitive-Data Necessity, Minimization and Controlled Use",
     "requirement_id": "C1.1",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-07",
     "name": "Third-Party Dataset Governance",
     "requirement_id": "C1.1",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-08",
     "name": "Dataset Retention, Deletion and Lifecycle",
     "requirement_id": "C1.1",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-01",
     "name": "Pre-Deployment Evaluation Gate",
     "requirement_id": "C3.2",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-02",
     "name": "Fitness, Safety, Reliability and Policy-Conformance Evaluation",
     "requirement_id": "C3.2",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-04",
     "name": "Adversarial Red-Team Testing",
     "requirement_id": "C11.1",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-06",
     "name": "Reproducible Evaluation Design",
     "requirement_id": "C3.2",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-07",
     "name": "Regression Testing on Updates",
     "requirement_id": "C3.2",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-01",
     "name": "Output Anomaly Detection",
     "requirement_id": "C11.2.3",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-12",
     "name": "Model Inversion and Reconstruction Resistance",
     "requirement_id": "C11.2.5",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AT-01",
     "name": "Tool and Plugin Registry",
     "requirement_id": "C9.3.3 / C9.3.7",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AO-04",
     "name": "Human-in-the-Loop Gates for High-Consequence Orchestrations",
     "requirement_id": "C9.2.6",
     "fit": "supporting"
    },
    {
     "domain": "agentic",
     "control": "AB-09",
     "name": "Comprehensive Input Validation and Multimodal Screening",
     "requirement_id": "C2.1.4",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-09",
     "name": "Comprehensive Input Validation and Multimodal Screening",
     "requirement_id": "C2.1.7",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-09",
     "name": "Comprehensive Input Validation and Multimodal Screening",
     "requirement_id": "C2.2.3",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-09",
     "name": "Comprehensive Input Validation and Multimodal Screening",
     "requirement_id": "C2.2.4",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-09",
     "name": "Comprehensive Input Validation and Multimodal Screening",
     "requirement_id": "C2.2.2",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "model",
     "control": "LI-01",
     "name": "Unique Model Identity and Content-Addressed Version Hash",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-02",
     "name": "Model Provenance Chain — Base Model, Fine-Tune, Merge, and Adapter Lineage",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-05",
     "name": "Training Data Lineage Pointer — Link from Model Registry to TG-Layer Dataset...",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-08",
     "name": "License and IP Governance — Dataset License Tracking, Derivative Work...",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-04",
     "name": "Adversarial Red-Team Testing",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-06",
     "name": "Reproducible Evaluation Design",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-01",
     "name": "Output Anomaly Detection",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-04",
     "name": "Behavioral Boundary Performance Testing",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-06",
     "name": "Injection-Resistance Evaluation in Production",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-07",
     "name": "Resource and Cost Anomaly Monitoring",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-10",
     "name": "Feedback Loop Integrity and Online Learning Governance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "agentic",
     "control": "AT-01",
     "name": "Tool and Plugin Registry",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "security": 53,
    "model": 18,
    "agentic": 7
   },
   "title": "OWASP AI Security Verification Standard v1.0",
   "total": 90
  },
  {
   "source_id": "csa_aicm",
   "framework_refs": [
    {
     "domain": "security",
     "control": "IA-01",
     "name": "Give every agent its own distinct identity, never a shared or human login",
     "requirement_id": "IAM-03 (identity inventory); IAM-12 (uniquely identifiable users)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "requirement_id": "IAM-10 (management of privileged access roles); IAM-14 (credential management)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "IA-03",
     "name": "Act on the user's behalf with explicit approval for sensitive steps",
     "requirement_id": "IAM-15 (authorization mechanisms); IAM-12 (uniquely identifiable users)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "IA-04",
     "name": "Check permission continuously at run time, not just once at login",
     "requirement_id": "IAM-15 (authorization mechanisms); IAM-08 (access review)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "IA-05",
     "name": "Find and inventory every agent, surface the shadow ones",
     "requirement_id": "IAM-03 (identity inventory); CCC-06 (change-management baseline)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "IA-06",
     "name": "Bind a signed, end-to-end provenance chain to every agent action",
     "requirement_id": "LOG-09 (log records)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-01",
     "name": "Run the agent in a sandbox, from process isolation up to micro-VMs",
     "requirement_id": "AIS-13 (AI sandboxing); AIS-11 (agent security boundaries)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "EC-02",
     "name": "Filter the agent's outbound network traffic",
     "requirement_id": "I&S-03 (network security); I&S-06 (segmentation and segregation)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "EC-03",
     "name": "Keep memory short-lived, and validate anything written to it",
     "requirement_id": "DSP-21 (data poisoning prevention and detection); DSP-17 (sensitive data protection)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "EC-04",
     "name": "Limit filesystem and tool access to the bare minimum",
     "requirement_id": "AIS-11 (agent security boundaries); IAM-05 (least privilege)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "EC-05",
     "name": "Cap spend and resource use, stop denial-of-wallet",
     "requirement_id": "GRC (operational / cost risk)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-06",
     "name": "Contain runaway loops and over-reach (least-agency)",
     "requirement_id": "AIS-11 (agent security boundaries)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "EC-07",
     "name": "Trust-rank retrieved content before it enters the agent's context",
     "requirement_id": "DSP-20 (data provenance and transparency); DSP-23 (data integrity check)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "EC-08",
     "name": "Keep secrets out of the prompt and context",
     "requirement_id": "DSP-17 (sensitive data protection); DSP-10 (sensitive data transfer)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "EC-09",
     "name": "Treat the workspace and its config and hooks as untrusted",
     "requirement_id": "AIS-11 (agent security boundaries); CCC-01 (change-management policy)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "PT-01",
     "name": "Authenticate and sign agent-to-agent communication",
     "requirement_id": "AIS-11 (agent security boundaries)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "requirement_id": "IAM-15 (authorization mechanisms); IAM-18 (agent access restriction)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "PT-03",
     "name": "Verify skill/tool manifest integrity and sign the supply chain",
     "requirement_id": "STA-08 (supply chain inventory); STA-09 (service bill of material)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "PT-04",
     "name": "Validate tool input/output, treat tool results as untrusted",
     "requirement_id": "AIS-09 (input validation); AIS-10 (output validation)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "PT-05",
     "name": "Encode and validate the agent's own output before it reaches other systems",
     "requirement_id": "AIS-10 (output validation); AIS-15 (prompt differentiation)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "PT-06",
     "name": "Sanitize model-generated tool parameters, not just the schema",
     "requirement_id": "AIS-09 (input validation); AIS-10 (output validation)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "PT-07",
     "name": "Verify tool descriptions for hidden instructions (description injection)",
     "requirement_id": "AIS-09 (input validation); STA-09 (service bill of material)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "GV-01",
     "name": "Require a human hard-stop for irreversible actions",
     "requirement_id": "GRC (Governance, Risk & Compliance)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-02",
     "name": "Keep an immutable, tamper-evident audit trail of what the agent did",
     "requirement_id": "LOG-07 (logging scope); LOG-09 (log records)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "GV-03",
     "name": "Define multi-agent authority and conflict resolution explicitly",
     "requirement_id": "GRC (Governance, Risk & Compliance)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-04",
     "name": "Enforce policy as code at run time, in the request path",
     "requirement_id": "CCC-03 (change-management technology); GRC-01 (governance program policy)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "GV-05",
     "name": "Run an AI management system and tier agents by their autonomy",
     "requirement_id": "GRC-01 (governance program policy); GRC-02 (risk management program)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "GV-06",
     "name": "Cap the rate and volume of irreversible actions",
     "requirement_id": "GRC (Governance, Risk & Compliance)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-07",
     "name": "Protect humans from being deceived by an agent",
     "requirement_id": "GRC (Governance, Risk & Compliance); UEM (Universal Endpoint Management)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-08",
     "name": "Make high-impact actions transactional, atomic, idempotent, state-checked",
     "requirement_id": "IAM-15 (authorization mechanisms); GRC (Governance, Risk & Compliance)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "GV-09",
     "name": "Anchor a named business owner to every agent (accountability)",
     "requirement_id": "GRC-06 (governance responsibility model); IAM-12 (uniquely identifiable principals)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "RT-01",
     "name": "Capture OS-level telemetry of what the agent actually does",
     "requirement_id": "LOG-03 (security monitoring and alerting); LOG-09 (log records)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "RT-02",
     "name": "Detect direct and indirect prompt injection at every input and output",
     "requirement_id": "LOG-03 (security monitoring and alerting); AIS-09 (input validation)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "RT-03",
     "name": "Supervise the agent's reasoning and check it matches its actions",
     "requirement_id": "LOG-05 (audit logs monitoring and response)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "RT-04",
     "name": "Detect anomalies and trigger pause, kill switch, or containment",
     "requirement_id": "SEF-09 (incident records management); SEF-06 (event triage processes)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "RT-05",
     "name": "Apply data-loss prevention to agent egress and interactions",
     "requirement_id": "LOG-16 (output monitoring); DSP-17 (sensitive data protection)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "RT-06",
     "name": "Map AI-native threats, extend ATT&CK/ATLAS to agentic orchestration",
     "requirement_id": "LOG-05 (audit logs monitoring and response); TVM-05 (detection updates)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "RT-07",
     "name": "Detect multi-agent collusion and covert channels",
     "requirement_id": "LOG-05 (audit logs monitoring and response)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "RT-08",
     "name": "Monitor latent and representation-level signals, not just visible reasoning",
     "requirement_id": "LOG-05 (audit logs monitoring and response); TVM (Threat & Vulnerability Management)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "AS-01",
     "name": "Adversarially red-team and evaluate the agent before launch",
     "requirement_id": "AIS-05 (application security testing)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "AS-02",
     "name": "Statically analyze agent skills and manifests in CI",
     "requirement_id": "AIS-05 (application security testing); CCC-02 (quality testing)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "AS-03",
     "name": "Gate releases on continuous adversarial validation",
     "requirement_id": "CCC-04 (unauthorized change protection)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "AS-04",
     "name": "Run a bug-bounty / vulnerability reward program for agentic abuse",
     "requirement_id": "TVM (Threat & Vulnerability Management — Security Testing)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "AS-05",
     "name": "Study frontier offensive capability before public release",
     "requirement_id": "MDS-12 (open model risk assessment); MDS-06 (adversarial attack analysis)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "AS-06",
     "name": "Verify model-weights and training-data provenance before load",
     "requirement_id": "MDS-09 (model signing / ownership verification); MDS-08 (model integrity)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "AS-07",
     "name": "Verify a skill does what it declares (behavioral integrity)",
     "requirement_id": "AIS-05 (application security testing); STA-09 (service bill of material)",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "LI-08",
     "name": "License and IP Governance — Dataset License Tracking, Derivative Work...",
     "requirement_id": "MDS-03",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-01",
     "name": "Training Data Quality Gates",
     "requirement_id": "DSP-23",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-02",
     "name": "Bias and Representativeness Assessment",
     "requirement_id": "GRC-11",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-03",
     "name": "Data Rights, Lawful Authority and Permitted Use",
     "requirement_id": "DSP-12",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-04",
     "name": "Data Poisoning Prevention",
     "requirement_id": "STA-01",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-06",
     "name": "Sensitive-Data Necessity, Minimization and Controlled Use",
     "requirement_id": "DSP-16",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-07",
     "name": "Third-Party Dataset Governance",
     "requirement_id": "STA-08",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-08",
     "name": "Dataset Retention, Deletion and Lifecycle",
     "requirement_id": "DSP-16",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "EV-01",
     "name": "Pre-Deployment Evaluation Gate",
     "requirement_id": "GRC-01",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-02",
     "name": "Fitness, Safety, Reliability and Policy-Conformance Evaluation",
     "requirement_id": "A&A-02",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-03",
     "name": "Dangerous Capability Threshold Assessment",
     "requirement_id": "A&A-02",
     "fit": "adjacent"
    },
    {
     "domain": "model",
     "control": "EV-04",
     "name": "Adversarial Red-Team Testing",
     "requirement_id": "TVM-07",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-05",
     "name": "Fairness and Bias Evaluation",
     "requirement_id": "GRC-11",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-06",
     "name": "Reproducible Evaluation Design",
     "requirement_id": "MDS-05",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-07",
     "name": "Regression Testing on Updates",
     "requirement_id": "CCC-02",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-08",
     "name": "Independent Validation",
     "requirement_id": "MDS-03",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-09",
     "name": "Risk and Applicability Classification",
     "requirement_id": "GRC-10",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-10",
     "name": "Evaluation Result Provenance",
     "requirement_id": "A&A-04",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-01",
     "name": "Model Ownership Assignment",
     "requirement_id": "GRC-06",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "OA-02",
     "name": "Meaningful Human Oversight for High-Stakes Decisions",
     "requirement_id": "GRC-15",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "OA-03",
     "name": "AI Model Governance Committee",
     "requirement_id": "GRC-10",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "OA-04",
     "name": "Delegated Autonomy Tier Governance",
     "requirement_id": "GRC-02",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "OA-05",
     "name": "Regulatory and Legal Review Sign-Off",
     "requirement_id": "GRC-07",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "OA-07",
     "name": "Incident Escalation Authority Chain",
     "requirement_id": "SEF-01",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "OA-08",
     "name": "Notice, Explanation Support, Human Review and Contestability",
     "requirement_id": "GRC-13",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "BH-01",
     "name": "Output Anomaly Detection",
     "requirement_id": "MDS-10",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "BH-02",
     "name": "Concept and Data Drift Detection",
     "requirement_id": "MDS-10",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-03",
     "name": "Production Performance Degradation Alerting",
     "requirement_id": "LOG-14",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "BH-04",
     "name": "Behavioral Boundary Performance Testing",
     "requirement_id": "TVM-13",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-05",
     "name": "Usage Telemetry and Decision Logging",
     "requirement_id": "LOG-07",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "BH-06",
     "name": "Injection-Resistance Evaluation in Production",
     "requirement_id": "AIS-09",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "BH-09",
     "name": "Synthetic-Content Provenance, Disclosure and Traceability",
     "requirement_id": "DSP-20",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-10",
     "name": "Feedback Loop Integrity and Online Learning Governance",
     "requirement_id": "DSP-21",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "CR-01",
     "name": "Continuous Production Monitoring and Risk Aggregation",
     "requirement_id": "MDS-10",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-02",
     "name": "Model Evidence Archive and Audit Trail",
     "requirement_id": "LOG-10",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "CR-03",
     "name": "Scheduled Model Re-validation",
     "requirement_id": "A&A-02",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "CR-04",
     "name": "AI Incident Response Management",
     "requirement_id": "SEF-03",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "CR-05",
     "name": "Regulatory Notification and Statutory Reporting",
     "requirement_id": "SEF-07",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "CR-06",
     "name": "Post-Market Surveillance",
     "requirement_id": "TVM-08",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "CR-07",
     "name": "Model Retirement and Evidence Archival",
     "requirement_id": "DSP-02",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "CR-08",
     "name": "Cross-Domain Assurance Coordination",
     "requirement_id": "A&A-04",
     "fit": "supporting"
    },
    {
     "domain": "compliance",
     "control": "CA-01",
     "name": "Regulatory Scope Determination",
     "requirement_id": "GRC-07 (Information System Regulatory Mapping)",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "security",
     "control": "GV-05",
     "name": "Run an AI management system and tier agents by their autonomy",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-08",
     "name": "License and IP Governance — Dataset License Tracking, Derivative Work...",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {
    "security": 46,
    "model": 41,
    "compliance": 1
   },
   "title": "CSA AI Controls Matrix",
   "total": 90
  },
  {
   "source_id": "okta_nhi_agent_identity_2025",
   "framework_refs": [
    {
     "domain": "privacy",
     "control": "DC-03",
     "name": "Consent Registry",
     "requirement_id": "Okta Universal Directory — custom profile attributes for consent state",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DC-04",
     "name": "Consent Signal Validation",
     "requirement_id": "Okta API Access Management — OAuth scopes and consent",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "DC-05",
     "name": "Consent Withdrawal Processing",
     "requirement_id": "Okta Lifecycle Management — automated deprovisioning workflows",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DC-08",
     "name": "Consent Change Propagation",
     "requirement_id": "Okta Workflows — event-driven lifecycle automation",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DS-01",
     "name": "Rights Request Reception",
     "requirement_id": "Okta + DataGrail integration — automated DSR intake",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DS-02",
     "name": "Identity Verification for Rights Requests",
     "requirement_id": "Okta Universal Directory and authentication policies — identity assurance for rights requests",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DS-03",
     "name": "Access Request Fulfillment",
     "requirement_id": "Okta scoped administrator roles — least-privilege data export",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DS-04",
     "name": "Erasure and Anonymization",
     "requirement_id": "Okta Lifecycle Management — account deactivation and deletion workflows",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DS-06",
     "name": "Portability and Interoperability",
     "requirement_id": "Okta Universal Directory — profile export APIs",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DS-07",
     "name": "Objection and Restriction Processing",
     "requirement_id": "Okta Lifecycle Management — account suspension states",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DS-08",
     "name": "Rights Request Evidence Log",
     "requirement_id": "Okta System Log — real-time audit events",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PM-04",
     "name": "Consent State Consistency Monitoring",
     "requirement_id": "Okta real-time directory synchronization — consent state propagation",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "II-01",
     "name": "AI Agent Identity Registry",
     "requirement_id": "Okta for AI Agents — Agent Registry",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "II-02",
     "name": "Identity Assurance Level Assignment",
     "requirement_id": "Okta for AI Agents — Assurance Levels",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "II-05",
     "name": "Non-Human Identity Separation from Human Identity",
     "requirement_id": "Okta Universal Directory — Human NHI Separation",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "II-06",
     "name": "Accountable Owner Binding",
     "requirement_id": "Okta for AI Agents — Owner Binding",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "II-07",
     "name": "Identity Metadata, Capability Manifest and Artifact Binding",
     "requirement_id": "Okta for AI Agents — Capability Manifest",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-01",
     "name": "Identity Provisioning Gate",
     "requirement_id": "Okta Lifecycle Management — Provisioning Gate",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-02",
     "name": "Credential Issuance and Minimum Privilege",
     "requirement_id": "Okta for AI Agents — Minimum Privilege",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "NI-04",
     "name": "Just-In-Time Credential Issuance",
     "requirement_id": "Okta Cross App Access — Identity Assertion Authorization Grant (ID-JAG)",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-05",
     "name": "Identity Deprovisioning and Revocation",
     "requirement_id": "Okta Lifecycle Management — Deprovisioning",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "NI-06",
     "name": "Ghost Identity Detection and Remediation",
     "requirement_id": "Okta ISPM — Unmanaged Agent Discovery",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "NI-08",
     "name": "Break-Glass Identity and Emergency Access",
     "requirement_id": "Okta Privileged Access — Break Glass",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "DE-02",
     "name": "Scope Boundary Enforcement",
     "requirement_id": "Okta Authorization Server — Scope Boundary Enforcement",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "DE-04",
     "name": "Task-Scoped Delegation",
     "requirement_id": "Okta Cross App Access — task-scoped resource tokens (RFC 8693 token exchange)",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "DE-05",
     "name": "User Consent for Delegated AI Action",
     "requirement_id": "Okta OAuth — User Consent Framework",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "DE-07",
     "name": "Delegation Audit Trail",
     "requirement_id": "Okta System Log — Token Exchange Audit",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "DE-08",
     "name": "Delegation Revocation Propagation",
     "requirement_id": "Okta OAuth — Token Revocation Propagation",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IF-01",
     "name": "Identity Federation Trust Framework",
     "requirement_id": "Okta Universal Directory — Federation Trust Config",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IF-02",
     "name": "OIDC/OAuth Federation Configuration",
     "requirement_id": "Okta OIDC — Dynamic Client Registration",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IF-06",
     "name": "Token Validation and Binding",
     "requirement_id": "Okta OAuth — DPoP token binding (RFC 9449)",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IF-07",
     "name": "Identity Provider Resilience and Fallback",
     "requirement_id": "Okta — Multi Region Resilience",
     "fit": "adjacent"
    },
    {
     "domain": "identity",
     "control": "IM-01",
     "name": "Credential Use Baseline",
     "requirement_id": "Okta ThreatInsight — Machine Identity Baseline",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-02",
     "name": "Anomalous Credential Use Detection",
     "requirement_id": "Okta ThreatInsight — Anomalous Auth Detection",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-03",
     "name": "Impossible Travel and Context Anomaly Detection",
     "requirement_id": "Okta Adaptive MFA — Impossible Travel Detection",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IM-05",
     "name": "Credential Sharing Detection",
     "requirement_id": "Okta — Concurrent Session Detection",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-07",
     "name": "Credential Exposure Scanning",
     "requirement_id": "Okta ISPM — Credential Exposure Scanning",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-08",
     "name": "Identity Incident Response",
     "requirement_id": "Okta Workflows — Identity Incident Response",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IC-01",
     "name": "Identity Governance Structure",
     "requirement_id": "Okta Identity Governance — Governance Structure",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IC-03",
     "name": "Identity Access Review",
     "requirement_id": "Okta Access Certifications — Service Account Reviews",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IC-04",
     "name": "Privileged Identity Management for AI",
     "requirement_id": "Okta Privileged Access — Zero Standing Privilege",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IC-06",
     "name": "Third-Party Identity Provider Audit",
     "requirement_id": "Okta trust page (trust.okta.com) — third-party audit certifications",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IC-07",
     "name": "Identity Program Metrics and KPIs",
     "requirement_id": "Okta Identity Governance — Program Metrics",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IC-08",
     "name": "Identity Attestation Production",
     "requirement_id": "Okta Identity Governance — Attestation Evidence",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "privacy",
     "control": "DC-03",
     "name": "Consent Registry",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DC-04",
     "name": "Consent Signal Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DC-05",
     "name": "Consent Withdrawal Processing",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DC-08",
     "name": "Consent Change Propagation",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DS-01",
     "name": "Rights Request Reception",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DS-02",
     "name": "Identity Verification for Rights Requests",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DS-03",
     "name": "Access Request Fulfillment",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DS-04",
     "name": "Erasure and Anonymization",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DS-06",
     "name": "Portability and Interoperability",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DS-07",
     "name": "Objection and Restriction Processing",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DS-08",
     "name": "Rights Request Evidence Log",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PM-04",
     "name": "Consent State Consistency Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "II-01",
     "name": "AI Agent Identity Registry",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "II-02",
     "name": "Identity Assurance Level Assignment",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "II-05",
     "name": "Non-Human Identity Separation from Human Identity",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "II-06",
     "name": "Accountable Owner Binding",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "II-07",
     "name": "Identity Metadata, Capability Manifest and Artifact Binding",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-01",
     "name": "Identity Provisioning Gate",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-02",
     "name": "Credential Issuance and Minimum Privilege",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-04",
     "name": "Just-In-Time Credential Issuance",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-05",
     "name": "Identity Deprovisioning and Revocation",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-06",
     "name": "Ghost Identity Detection and Remediation",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-08",
     "name": "Break-Glass Identity and Emergency Access",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "DE-02",
     "name": "Scope Boundary Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "DE-04",
     "name": "Task-Scoped Delegation",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "DE-05",
     "name": "User Consent for Delegated AI Action",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "DE-07",
     "name": "Delegation Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "DE-08",
     "name": "Delegation Revocation Propagation",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IF-01",
     "name": "Identity Federation Trust Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IF-02",
     "name": "OIDC/OAuth Federation Configuration",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IF-06",
     "name": "Token Validation and Binding",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IF-07",
     "name": "Identity Provider Resilience and Fallback",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IM-01",
     "name": "Credential Use Baseline",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IM-02",
     "name": "Anomalous Credential Use Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IM-03",
     "name": "Impossible Travel and Context Anomaly Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IM-05",
     "name": "Credential Sharing Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IM-07",
     "name": "Credential Exposure Scanning",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IM-08",
     "name": "Identity Incident Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IC-01",
     "name": "Identity Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IC-03",
     "name": "Identity Access Review",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IC-04",
     "name": "Privileged Identity Management for AI",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IC-06",
     "name": "Third-Party Identity Provider Audit",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IC-07",
     "name": "Identity Program Metrics and KPIs",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IC-08",
     "name": "Identity Attestation Production",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "privacy": 12,
    "identity": 32
   },
   "title": "Secure and Govern Non-Human Identities (NHIs) at Scale",
   "total": 88
  },
  {
   "source_id": "aws_financial_services_compliance_2024",
   "framework_refs": [
    {
     "domain": "finance",
     "control": "MR-01",
     "name": "SR 26-2 Model Inventory and Risk Tiering",
     "requirement_id": "AWS Audit Manager",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MR-02",
     "name": "Model Risk Governance Policy Framework",
     "requirement_id": "AWS User Guide to Financial Services Regulations & Guidelines in the United States",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MR-03",
     "name": "Pre-Deployment Model Risk Assessment",
     "requirement_id": "AWS Artifact",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MR-05",
     "name": "Ongoing Model Risk Monitoring",
     "requirement_id": "AWS CloudTrail",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MR-06",
     "name": "Third-Party and Vendor AI Model Risk Management",
     "requirement_id": "Financial Services Industry Lens — AWS Well-Architected",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-08",
     "name": "Model Risk Evidence Package",
     "requirement_id": "AWS Artifact",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-01",
     "name": "Independent Validation Function Charter",
     "requirement_id": "Financial Services Industry Lens — AWS Well-Architected",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-02",
     "name": "Conceptual Soundness Assessment",
     "requirement_id": "AWS Artifact",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-03",
     "name": "Outcome Analysis and Backtesting",
     "requirement_id": "AWS Artifact",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-05",
     "name": "Validation Frequency and Trigger-Based Review",
     "requirement_id": "AWS Audit Manager",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-06",
     "name": "Validation Scope for AI/ML and LLM Models",
     "requirement_id": "Financial Services Industry Lens — AWS Well-Architected",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-07",
     "name": "Validation Finding Escalation and Remediation",
     "requirement_id": "AWS Audit Manager",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-08",
     "name": "Model Validation Evidence Package",
     "requirement_id": "AWS Artifact",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-01",
     "name": "AI-Driven Decision Transparency and Auditability",
     "requirement_id": "AWS CloudTrail",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-02",
     "name": "ECOA/Reg B Adverse Action Notice for AI Decisions",
     "requirement_id": "AWS User Guide to Financial Services Regulations & Guidelines in the United States",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-03",
     "name": "Fair Lending AI Explainability",
     "requirement_id": "AWS User Guide to Financial Services Regulations & Guidelines in the United States",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-04",
     "name": "Model Output Disclosure to Financial Regulators",
     "requirement_id": "AWS Artifact",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-06",
     "name": "AI System Disclosure in Financial Filings",
     "requirement_id": "AWS Audit Manager",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-07",
     "name": "Model Transparency Dashboard for Senior Management",
     "requirement_id": "Financial Services Industry Lens — AWS Well-Architected",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FD-08",
     "name": "Financial Disclosure Evidence Package",
     "requirement_id": "AWS Artifact",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-01",
     "name": "SOX 302/404 Controls over AI-Generated Financial Data",
     "requirement_id": "AWS Audit Manager",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-02",
     "name": "AI-Generated Output Materiality Assessment",
     "requirement_id": "AWS Artifact",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-03",
     "name": "Reconciliation Controls for AI-Influenced Financial Outputs",
     "requirement_id": "AWS Audit Manager",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-04",
     "name": "Change Management Controls for Financial AI Systems",
     "requirement_id": "Financial Services Industry Lens — AWS Well-Architected",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-05",
     "name": "Access Controls for Financial AI Systems",
     "requirement_id": "Financial Services Industry Lens — AWS Well-Architected",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-06",
     "name": "AI Operational Error and Financial Exception Management",
     "requirement_id": "AWS CloudTrail",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-07",
     "name": "Financial Data Integrity Monitoring",
     "requirement_id": "AWS CloudTrail",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-08",
     "name": "Financial Controls Evidence Package",
     "requirement_id": "AWS Artifact",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-01",
     "name": "AI Use Policy for Financial Decision-Making",
     "requirement_id": "AWS Audit Manager",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FP-02",
     "name": "Prohibited AI Use Cases in Financial Services",
     "requirement_id": "AWS User Guide to Financial Services Regulations & Guidelines in the United States",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FP-03",
     "name": "Financial AI Risk Appetite Statement",
     "requirement_id": "Financial Services Industry Lens — AWS Well-Architected",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-04",
     "name": "AI Procurement and Vendor Management Policy for Finance",
     "requirement_id": "Financial Services Industry Lens — AWS Well-Architected",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FP-05",
     "name": "Data Governance Policy for Financial AI",
     "requirement_id": "Financial Services Industry Lens — AWS Well-Architected",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-06",
     "name": "Financial AI Change Control Policy",
     "requirement_id": "AWS Audit Manager",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-08",
     "name": "Financial Policy Evidence Package",
     "requirement_id": "AWS Artifact",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-01",
     "name": "Finance AI Governance Structure",
     "requirement_id": "Financial Services Industry Lens — AWS Well-Architected",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-02",
     "name": "Senior and Named Accountability for Financial AI Decisions",
     "requirement_id": "AWS Audit Manager",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-03",
     "name": "Board-Level Oversight of Financial AI Risk",
     "requirement_id": "AWS Audit Manager",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-04",
     "name": "Regulatory Relationship Management",
     "requirement_id": "AWS User Guide to Financial Services Regulations & Guidelines in the United States",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-05",
     "name": "Finance AI Incident Response Integration",
     "requirement_id": "Financial Services Industry Lens — AWS Well-Architected",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-06",
     "name": "Financial AI Program Metrics and Board Reporting",
     "requirement_id": "AWS Audit Manager",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-07",
     "name": "Annual AI Governance Review",
     "requirement_id": "AWS Artifact",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-08",
     "name": "FinanceAttestation Production",
     "requirement_id": "AWS Artifact",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "finance",
     "control": "MR-01",
     "name": "SR 26-2 Model Inventory and Risk Tiering",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-02",
     "name": "Model Risk Governance Policy Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-03",
     "name": "Pre-Deployment Model Risk Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-05",
     "name": "Ongoing Model Risk Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-06",
     "name": "Third-Party and Vendor AI Model Risk Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MR-08",
     "name": "Model Risk Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-01",
     "name": "Independent Validation Function Charter",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-02",
     "name": "Conceptual Soundness Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-03",
     "name": "Outcome Analysis and Backtesting",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-05",
     "name": "Validation Frequency and Trigger-Based Review",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-06",
     "name": "Validation Scope for AI/ML and LLM Models",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-07",
     "name": "Validation Finding Escalation and Remediation",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "MV-08",
     "name": "Model Validation Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-01",
     "name": "AI-Driven Decision Transparency and Auditability",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-02",
     "name": "ECOA/Reg B Adverse Action Notice for AI Decisions",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-03",
     "name": "Fair Lending AI Explainability",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-04",
     "name": "Model Output Disclosure to Financial Regulators",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-06",
     "name": "AI System Disclosure in Financial Filings",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-07",
     "name": "Model Transparency Dashboard for Senior Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-08",
     "name": "Financial Disclosure Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-01",
     "name": "SOX 302/404 Controls over AI-Generated Financial Data",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-02",
     "name": "AI-Generated Output Materiality Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-03",
     "name": "Reconciliation Controls for AI-Influenced Financial Outputs",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-04",
     "name": "Change Management Controls for Financial AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-05",
     "name": "Access Controls for Financial AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-06",
     "name": "AI Operational Error and Financial Exception Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-07",
     "name": "Financial Data Integrity Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-08",
     "name": "Financial Controls Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-01",
     "name": "AI Use Policy for Financial Decision-Making",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-02",
     "name": "Prohibited AI Use Cases in Financial Services",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-03",
     "name": "Financial AI Risk Appetite Statement",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-04",
     "name": "AI Procurement and Vendor Management Policy for Finance",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-05",
     "name": "Data Governance Policy for Financial AI",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-06",
     "name": "Financial AI Change Control Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-08",
     "name": "Financial Policy Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-01",
     "name": "Finance AI Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-02",
     "name": "Senior and Named Accountability for Financial AI Decisions",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-03",
     "name": "Board-Level Oversight of Financial AI Risk",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-04",
     "name": "Regulatory Relationship Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-05",
     "name": "Finance AI Incident Response Integration",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-06",
     "name": "Financial AI Program Metrics and Board Reporting",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-07",
     "name": "Annual AI Governance Review",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-08",
     "name": "FinanceAttestation Production",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "finance": 43
   },
   "title": "AWS User Guide to Financial Services Regulations & Guidelines in the United States",
   "total": 86
  },
  {
   "source_id": "aws_organizations_scp_2024",
   "framework_refs": [
    {
     "domain": "authority",
     "control": "PV-01",
     "name": "Operating Intent Declaration",
     "requirement_id": "AWS Organizations SCP Design — Scope Boundary Enforcement",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-02",
     "name": "Operating Intent Boundary Validation",
     "requirement_id": "Amazon Bedrock Policies — Organization-Level Guardrail Enforcement",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-04",
     "name": "Authorized Knowledge Source Registry",
     "requirement_id": "AWS Organizations SCP — Approved Data Source Restriction",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-05",
     "name": "Knowledge Source Version Governance",
     "requirement_id": "AWS Config — Configuration Drift Detection for Knowledge Resources",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-06",
     "name": "Operating Context Change Management",
     "requirement_id": "AWS Control Tower Proactive Controls — Change Governance",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-07",
     "name": "Deployment Scope Attestation",
     "requirement_id": "AWS Audit Manager — Deployment Scope Evidence Collection",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-01",
     "name": "Delegation of Authority Integration",
     "requirement_id": "AWS IAM Permission Boundaries — Delegation Scope Enforcement",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-02",
     "name": "Approval Limit Enforcement",
     "requirement_id": "AWS Organizations SCP + AWS Budgets — Approval Limit Controls",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-03",
     "name": "Escalation Gate Design and Testing",
     "requirement_id": "AWS Control Tower Detective Controls — Policy Violation Escalation",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-04",
     "name": "Principal Accountability Binding",
     "requirement_id": "AWS CloudTrail — Principal Accountability Binding for All API Calls",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-05",
     "name": "Multi-Party Approval Workflow",
     "requirement_id": "AWS Resource Access Manager — Cross-Account Share Acceptance",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PA-06",
     "name": "Emergency Override and Break-Glass",
     "requirement_id": "AWS Break-Glass Account Procedure — SCP Exception with Full Audit",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-07",
     "name": "Approval Record and Audit Trail",
     "requirement_id": "AWS CloudTrail + Audit Manager — Tamper-Evident Approval Records",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-08",
     "name": "Authority Scope Change Notification",
     "requirement_id": "AWS CloudTrail + EventBridge — SCP and IAM Policy Change Detection",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-01",
     "name": "Internal Policy Register for AI Deployments",
     "requirement_id": "AWS Control Tower Landing Zone — Centralized Policy Registry",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-02",
     "name": "Policy Version Control and Distribution",
     "requirement_id": "AWS Organizations + CloudTrail — SCP Change History and IaC-Based Policy Versioning",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-03",
     "name": "Contractual Obligation Extraction",
     "requirement_id": "AWS Artifact — Compliance Documentation for Contractual Obligations",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PO-04",
     "name": "Contract Term Conflict Detection",
     "requirement_id": "AWS Config — Contractual Requirement Conflict Detection",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PO-05",
     "name": "Data Use Policy Enforcement",
     "requirement_id": "AWS Organizations SCP + Amazon Macie — Data Use Policy Enforcement",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-06",
     "name": "Communication and Commitment Policy",
     "requirement_id": "AWS SCP — AI Agent External Communication Service Restriction",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-07",
     "name": "Third-Party Policy Requirements",
     "requirement_id": "AWS Control Tower + Marketplace Governance — Third-Party Policy Compliance",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-01",
     "name": "AI Procurement Policy Integration",
     "requirement_id": "AWS Marketplace + Control Tower — Procurement Policy Integration",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-02",
     "name": "AI-Initiated Commitment Controls",
     "requirement_id": "AWS Organizations SCP + AWS Budgets — AI-Initiated Financial Commitment Controls",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-03",
     "name": "Vendor Qualification Enforcement",
     "requirement_id": "AWS Marketplace + Partner Network — Vendor Qualification Framework",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-04",
     "name": "Contract Review Gate Compliance",
     "requirement_id": "AWS Artifact — Contract Review Gate Documentation",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PR-05",
     "name": "SLA Commitment Governance",
     "requirement_id": "AWS Service Level Agreements + CloudWatch — SLA Governance",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PR-07",
     "name": "Contract Obligation Monitoring",
     "requirement_id": "AWS Config Continuous Compliance — Contract Obligation Monitoring",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-08",
     "name": "Procurement Audit Trail",
     "requirement_id": "AWS CloudTrail + Audit Manager — Procurement Audit Trail",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-01",
     "name": "Policy Adherence Monitoring",
     "requirement_id": "AWS Config + Security Hub — Continuous Policy Adherence Monitoring",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-02",
     "name": "Authority Limit Monitoring",
     "requirement_id": "AWS Config Rules + CloudTrail Alerting — Authority Limit Violation Detection",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-03",
     "name": "Contract Obligation Compliance Monitoring",
     "requirement_id": "AWS Audit Manager — Contract Compliance Evidence Collection",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-04",
     "name": "Policy Incident Classification and Response",
     "requirement_id": "AWS Security Hub — Policy Incident Classification and Routing",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-05",
     "name": "Knowledge Source Staleness Detection",
     "requirement_id": "AWS Config — Knowledge Resource Configuration Drift Detection",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-06",
     "name": "Operating Intent Drift Detection",
     "requirement_id": "CloudTrail + AWS GuardDuty — Behavioral Anomaly Detection for Intent Drift",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-07",
     "name": "Policy Governance Reporting",
     "requirement_id": "AWS Security Hub + Audit Manager — Policy Governance Reports",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-08",
     "name": "Lessons Learned and Policy Improvement",
     "requirement_id": "AWS Security Hub Findings History — Policy Improvement Input",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-01",
     "name": "Policy Evidence Archive",
     "requirement_id": "AWS Audit Manager — Automated Policy Evidence Archive",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-02",
     "name": "Regulatory Disclosure Readiness",
     "requirement_id": "AWS Artifact — On-Demand Regulatory Compliance Disclosure",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PE-03",
     "name": "Internal Audit Support Package",
     "requirement_id": "AWS Audit Manager — Internal Audit Evidence Package Generation",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-04",
     "name": "Cross-Domain Policy Evidence Integration",
     "requirement_id": "AWS Security Hub — Cross-Domain Policy Evidence Normalization",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-05",
     "name": "Contract Audit Trail",
     "requirement_id": "AWS CloudTrail + Audit Manager — Immutable Contract Audit Trail",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-06",
     "name": "Board and Senior Management Policy Reporting",
     "requirement_id": "AWS Audit Manager Custom Frameworks — Board-Ready Governance Reports",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-08",
     "name": "Policy Attestation",
     "requirement_id": "AWS Audit Manager — Automated Policy Attestation Artifact Generation",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PV-01",
     "name": "Operating Intent Declaration",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-02",
     "name": "Operating Intent Boundary Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-04",
     "name": "Authorized Knowledge Source Registry",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-05",
     "name": "Knowledge Source Version Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-06",
     "name": "Operating Context Change Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-07",
     "name": "Deployment Scope Attestation",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-01",
     "name": "Delegation of Authority Integration",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-02",
     "name": "Approval Limit Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-03",
     "name": "Escalation Gate Design and Testing",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-04",
     "name": "Principal Accountability Binding",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-05",
     "name": "Multi-Party Approval Workflow",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-06",
     "name": "Emergency Override and Break-Glass",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-07",
     "name": "Approval Record and Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-08",
     "name": "Authority Scope Change Notification",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-01",
     "name": "Internal Policy Register for AI Deployments",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-02",
     "name": "Policy Version Control and Distribution",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-03",
     "name": "Contractual Obligation Extraction",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-04",
     "name": "Contract Term Conflict Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-05",
     "name": "Data Use Policy Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-06",
     "name": "Communication and Commitment Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-07",
     "name": "Third-Party Policy Requirements",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-01",
     "name": "AI Procurement Policy Integration",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-02",
     "name": "AI-Initiated Commitment Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-03",
     "name": "Vendor Qualification Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-04",
     "name": "Contract Review Gate Compliance",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-05",
     "name": "SLA Commitment Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-07",
     "name": "Contract Obligation Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-08",
     "name": "Procurement Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-01",
     "name": "Policy Adherence Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-02",
     "name": "Authority Limit Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-03",
     "name": "Contract Obligation Compliance Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-04",
     "name": "Policy Incident Classification and Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-05",
     "name": "Knowledge Source Staleness Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-06",
     "name": "Operating Intent Drift Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-07",
     "name": "Policy Governance Reporting",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-08",
     "name": "Lessons Learned and Policy Improvement",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-01",
     "name": "Policy Evidence Archive",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-02",
     "name": "Regulatory Disclosure Readiness",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-03",
     "name": "Internal Audit Support Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-04",
     "name": "Cross-Domain Policy Evidence Integration",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-05",
     "name": "Contract Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-06",
     "name": "Board and Senior Management Policy Reporting",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-08",
     "name": "Policy Attestation",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "authority": 43
   },
   "title": "AWS Organizations: Service Control Policies & Control Tower",
   "total": 86
  },
  {
   "source_id": "nist_rmf",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "GV-05",
     "name": "Run an AI management system and tier agents by their autonomy",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "GV-10",
     "name": "Enable end-user responsibility and guard against automation bias",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-01",
     "name": "Unique Model Identity and Content-Addressed Version Hash",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-02",
     "name": "Model Provenance Chain — Base Model, Fine-Tune, Merge, and Adapter Lineage",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-03",
     "name": "Supply Chain Integrity — Third-Party Model Verification and Cryptographic...",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-04",
     "name": "Structured Model Documentation — Complete Model Card with All Required Sections",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-05",
     "name": "Training Data Lineage Pointer — Link from Model Registry to TG-Layer Dataset...",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-06",
     "name": "Immutable Version Control with Tested Rollback and Emergency Disable",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-07",
     "name": "Capability and Limitation Declaration — Intended Use, Constraints,...",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-08",
     "name": "License and IP Governance — Dataset License Tracking, Derivative Work...",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-09",
     "name": "Material-Change Determination and Authorization Gate",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-10",
     "name": "Model Retirement and Archive Policy — End-of-Life Procedure, Evidence...",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "TG-01",
     "name": "Training Data Quality Gates",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "TG-02",
     "name": "Bias and Representativeness Assessment",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "TG-04",
     "name": "Data Poisoning Prevention",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "TG-05",
     "name": "Train/Evaluation/Test Separation and Contamination Prevention",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "TG-06",
     "name": "Sensitive-Data Necessity, Minimization and Controlled Use",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "TG-07",
     "name": "Third-Party Dataset Governance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-01",
     "name": "Pre-Deployment Evaluation Gate",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-02",
     "name": "Fitness, Safety, Reliability and Policy-Conformance Evaluation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-04",
     "name": "Adversarial Red-Team Testing",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-05",
     "name": "Fairness and Bias Evaluation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-06",
     "name": "Reproducible Evaluation Design",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-07",
     "name": "Regression Testing on Updates",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-08",
     "name": "Independent Validation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-09",
     "name": "Risk and Applicability Classification",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-10",
     "name": "Evaluation Result Provenance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "OA-01",
     "name": "Model Ownership Assignment",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "OA-02",
     "name": "Meaningful Human Oversight for High-Stakes Decisions",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "OA-03",
     "name": "AI Model Governance Committee",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "OA-04",
     "name": "Delegated Autonomy Tier Governance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "OA-06",
     "name": "Third-Party Model and Vendor Risk Oversight",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "OA-07",
     "name": "Incident Escalation Authority Chain",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "OA-08",
     "name": "Notice, Explanation Support, Human Review and Contestability",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-01",
     "name": "Output Anomaly Detection",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-02",
     "name": "Concept and Data Drift Detection",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-03",
     "name": "Production Performance Degradation Alerting",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-04",
     "name": "Behavioral Boundary Performance Testing",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-05",
     "name": "Usage Telemetry and Decision Logging",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-06",
     "name": "Injection-Resistance Evaluation in Production",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-07",
     "name": "Resource and Cost Anomaly Monitoring",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-08",
     "name": "Shadow and Canary Deployment Governance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-09",
     "name": "Synthetic-Content Provenance, Disclosure and Traceability",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-10",
     "name": "Feedback Loop Integrity and Online Learning Governance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "CR-01",
     "name": "Continuous Production Monitoring and Risk Aggregation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "CR-03",
     "name": "Scheduled Model Re-validation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "CR-04",
     "name": "AI Incident Response Management",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "CR-06",
     "name": "Post-Market Surveillance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "CR-07",
     "name": "Model Retirement and Evidence Archival",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "CR-08",
     "name": "Cross-Domain Assurance Coordination",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-09",
     "name": "Non-Human Identity Layer Evidence Package",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "DE-09",
     "name": "Delegation Layer Evidence Package",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IF-09",
     "name": "Identity Federation Layer Evidence Package",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-09",
     "name": "Identity Monitoring Layer Evidence Package",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "agentic",
     "control": "AM-09",
     "name": "Action Effect Reconciliation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PV-01",
     "name": "Operating Intent Declaration",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PV-02",
     "name": "Operating Intent Boundary Validation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PV-03",
     "name": "Intended Purpose Alignment Review",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PV-04",
     "name": "Authorized Knowledge Source Registry",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PV-05",
     "name": "Knowledge Source Version Governance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PV-06",
     "name": "Operating Context Change Management",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PV-07",
     "name": "Deployment Scope Attestation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PV-08",
     "name": "Principal Intent vs. Agent Behavior Alignment",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PV-09",
     "name": "Principal Verification Layer Evidence Package",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PA-02",
     "name": "Approval Limit Enforcement",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PA-03",
     "name": "Escalation Gate Design and Testing",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PA-06",
     "name": "Emergency Override and Break-Glass",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PA-08",
     "name": "Authority Scope Change Notification",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PA-09",
     "name": "Authority Scope Layer Evidence Package",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PO-01",
     "name": "Internal Policy Register for AI Deployments",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PO-05",
     "name": "Data Use Policy Enforcement",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PO-06",
     "name": "Communication and Commitment Policy",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PO-09",
     "name": "Policy Obligation Layer Evidence Package",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PR-02",
     "name": "AI-Initiated Commitment Controls",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PR-06",
     "name": "AI in Contract Negotiation Controls",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PR-09",
     "name": "Procurement Governance Layer Evidence Package",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PG-01",
     "name": "Policy Adherence Monitoring",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PG-04",
     "name": "Policy Incident Classification and Response",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PG-05",
     "name": "Knowledge Source Staleness Detection",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PG-06",
     "name": "Operating Intent Drift Detection",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PG-08",
     "name": "Lessons Learned and Policy Improvement",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PG-09",
     "name": "Policy Governance Layer Evidence Package",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PE-04",
     "name": "Cross-Domain Policy Evidence Integration",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PE-07",
     "name": "Policy Governance Program Assessment",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PE-08",
     "name": "Policy Attestation",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "NIST AI RMF 1.0",
   "total": 85
  },
  {
   "source_id": "aws_well_arch_reliability_2024",
   "framework_refs": [
    {
     "domain": "resilience",
     "control": "RV-01",
     "name": "AI System RTO/RPO Definition and Validation",
     "requirement_id": "REL 9 – Back up data to satisfy recovery time objectives",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-02",
     "name": "Resilience Control Verification Testing",
     "requirement_id": "REL 12",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-03",
     "name": "Chaos Engineering for AI Systems",
     "requirement_id": "REL 12",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-04",
     "name": "Recovery Capability Verification After Actual Incident",
     "requirement_id": "REL 12 – Test and validate failure recovery",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-05",
     "name": "Third-Party AI Dependency Resilience Assessment",
     "requirement_id": "REL 1",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RV-06",
     "name": "Multi-Region and Multi-AZ Resilience Verification",
     "requirement_id": "REL 10",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-07",
     "name": "Degraded-Mode AI Operation Testing",
     "requirement_id": "REL 11",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-08",
     "name": "Resilience Verification Evidence Package",
     "requirement_id": "REL 13 – Documented test results from reliability verification activities",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RP-01",
     "name": "AI-Specific Business Continuity Plan",
     "requirement_id": "REL 13",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-02",
     "name": "AI System Disaster Recovery Plan",
     "requirement_id": "REL 13",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-03",
     "name": "Model Rollback and Previous Version Recovery Planning",
     "requirement_id": "REL 8",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RP-04",
     "name": "RAG Index and Knowledge Base Recovery Plan",
     "requirement_id": "REL 9",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-05",
     "name": "Recovery Priority Classification for AI Systems",
     "requirement_id": "REL 10",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RP-06",
     "name": "Third-Party AI Provider Outage Response Plan",
     "requirement_id": "REL 5",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RP-07",
     "name": "Recovery Plan Testing and Tabletop Exercises",
     "requirement_id": "REL 13 — Testing reliability: chaos engineering and disaster recovery testing",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-01",
     "name": "AI System Failover Execution Procedures",
     "requirement_id": "REL 8",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RO-02",
     "name": "Model Rollback Execution and Validation",
     "requirement_id": "REL 8 — Deploy changes with automation and safe deployment practices",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RO-03",
     "name": "Data Recovery and Integrity Verification Post-Incident",
     "requirement_id": "REL 9 — Back up data and test recovery procedures including integrity verification",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-05",
     "name": "Pre-Restoration Validation Before Traffic Resumption",
     "requirement_id": "REL 13",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RO-06",
     "name": "Recovery Operations Audit Trail",
     "requirement_id": "REL 6 — Monitor workload resources and capture tamper-resistant change records via CloudTrail",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RO-07",
     "name": "Recovery Time Compliance Verification",
     "requirement_id": "REL 13 — Test resiliency and verify that recovery objectives can be met",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-08",
     "name": "Recovery Operations Evidence Package",
     "requirement_id": "REL 13 — Document resiliency events and use outcomes to improve recovery capabilities",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "FO-01",
     "name": "Graceful Degradation Design Patterns",
     "requirement_id": "REL 11",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "FO-02",
     "name": "Circuit Breaker Implementation for AI Integrations",
     "requirement_id": "REL 5",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "FO-05",
     "name": "Cascade Failure Prevention in Multi-Agent Pipelines",
     "requirement_id": "REL 5",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "FO-06",
     "name": "Load Shedding and Backpressure Mechanisms",
     "requirement_id": "REL 5",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "FO-07",
     "name": "Fault Tolerance Test Coverage",
     "requirement_id": "REL 12",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "FO-08",
     "name": "Fault Tolerance Evidence Package",
     "requirement_id": "REL 12",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-01",
     "name": "High Availability Architecture for AI Systems",
     "requirement_id": "REL 10",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-02",
     "name": "Stateless Agent Design and Session Recovery",
     "requirement_id": "REL 12",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-03",
     "name": "Data Redundancy and Backup Governance",
     "requirement_id": "AWS Well-Architected Reliability Pillar — Failure management: backup strategy, data replication, and recovery validation procedures",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-04",
     "name": "Infrastructure-as-Code for Reproducible Recovery",
     "requirement_id": "REL 12",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RE-05",
     "name": "Dependency Isolation and Bulkhead Patterns",
     "requirement_id": "REL 11",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-06",
     "name": "DORA Compliance Architecture for AI Systems",
     "requirement_id": "AWS Well-Architected Reliability Pillar — Resilience design principles, failure management, and testing reliability: implementation patterns for DORA operationa",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-07",
     "name": "Resilience Engineering Review in Development Lifecycle",
     "requirement_id": "AWS Well-Architected Framework — Well-Architected Review: structured resilience assessment at architecture and pre-production lifecycle gates",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RE-08",
     "name": "Resilience Engineering Evidence Package",
     "requirement_id": "AWS Well-Architected Reliability Pillar — Testing reliability documentation and failure management evidence: Well-Architected Review findings and remediation tr",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RG-02",
     "name": "Resilience Policy Framework",
     "requirement_id": "Resilience design principles",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RG-04",
     "name": "Resilience Risk Appetite and Threshold Setting",
     "requirement_id": "Failure management — RTO/RPO alignment",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-05",
     "name": "Resilience Program Resourcing",
     "requirement_id": "Foundations — organizational prerequisites for reliability",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RG-06",
     "name": "Resilience Incident Response Integration",
     "requirement_id": "Failure management — recovery procedures",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RG-07",
     "name": "Resilience Program Metrics and Board Reporting",
     "requirement_id": "REL 12 — Test reliability (documented outcomes)",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RG-08",
     "name": "ResilienceAttestation Production",
     "requirement_id": "REL 12 — Test reliability (documented evidence)",
     "fit": "adjacent"
    }
   ],
   "source_refs": [
    {
     "domain": "resilience",
     "control": "RV-01",
     "name": "AI System RTO/RPO Definition and Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-02",
     "name": "Resilience Control Verification Testing",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-03",
     "name": "Chaos Engineering for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-04",
     "name": "Recovery Capability Verification After Actual Incident",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-05",
     "name": "Third-Party AI Dependency Resilience Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-06",
     "name": "Multi-Region and Multi-AZ Resilience Verification",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-07",
     "name": "Degraded-Mode AI Operation Testing",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-08",
     "name": "Resilience Verification Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-01",
     "name": "AI-Specific Business Continuity Plan",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-02",
     "name": "AI System Disaster Recovery Plan",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-03",
     "name": "Model Rollback and Previous Version Recovery Planning",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-04",
     "name": "RAG Index and Knowledge Base Recovery Plan",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-05",
     "name": "Recovery Priority Classification for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-06",
     "name": "Third-Party AI Provider Outage Response Plan",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-07",
     "name": "Recovery Plan Testing and Tabletop Exercises",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-01",
     "name": "AI System Failover Execution Procedures",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-02",
     "name": "Model Rollback Execution and Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-03",
     "name": "Data Recovery and Integrity Verification Post-Incident",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-05",
     "name": "Pre-Restoration Validation Before Traffic Resumption",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-06",
     "name": "Recovery Operations Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-07",
     "name": "Recovery Time Compliance Verification",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-08",
     "name": "Recovery Operations Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "FO-01",
     "name": "Graceful Degradation Design Patterns",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "FO-02",
     "name": "Circuit Breaker Implementation for AI Integrations",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "FO-05",
     "name": "Cascade Failure Prevention in Multi-Agent Pipelines",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "FO-06",
     "name": "Load Shedding and Backpressure Mechanisms",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "FO-07",
     "name": "Fault Tolerance Test Coverage",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "FO-08",
     "name": "Fault Tolerance Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-01",
     "name": "High Availability Architecture for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-02",
     "name": "Stateless Agent Design and Session Recovery",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-03",
     "name": "Data Redundancy and Backup Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-04",
     "name": "Infrastructure-as-Code for Reproducible Recovery",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-05",
     "name": "Dependency Isolation and Bulkhead Patterns",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-06",
     "name": "DORA Compliance Architecture for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-07",
     "name": "Resilience Engineering Review in Development Lifecycle",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-08",
     "name": "Resilience Engineering Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-02",
     "name": "Resilience Policy Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-04",
     "name": "Resilience Risk Appetite and Threshold Setting",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-05",
     "name": "Resilience Program Resourcing",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-06",
     "name": "Resilience Incident Response Integration",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-07",
     "name": "Resilience Program Metrics and Board Reporting",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-08",
     "name": "ResilienceAttestation Production",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "resilience": 42
   },
   "title": "AWS Well-Architected Reliability Pillar",
   "total": 84
  },
  {
   "source_id": "cobit_2019",
   "framework_refs": [
    {
     "domain": "compliance",
     "control": "CA-01",
     "name": "Regulatory Scope Determination",
     "requirement_id": "BAI02.01",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-02",
     "name": "Compliance Framework Selection and Mapping",
     "requirement_id": "MEA03.01",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-03",
     "name": "Cross-Domain Evidence Routing",
     "requirement_id": "MEA03.04",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-04",
     "name": "Design-Time Compliance Classification",
     "requirement_id": "BAI03.02",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-05",
     "name": "Regulatory Change Management",
     "requirement_id": "MEA03.02",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-06",
     "name": "Compliance Obligation Gap Analysis",
     "requirement_id": "MEA03.03",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-07",
     "name": "Third-Party and Supply Chain Compliance Obligations",
     "requirement_id": "APO10.03",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-08",
     "name": "Compliance Architecture Evidence Package",
     "requirement_id": "MEA01.05",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-01",
     "name": "Obligation Register",
     "requirement_id": "APO12.02",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-02",
     "name": "Obligation Owner Assignment",
     "requirement_id": "MEA02.01",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-03",
     "name": "Obligation Due Date and Milestone Tracking",
     "requirement_id": "APO11.03",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-04",
     "name": "EU AI Act Conformity Assessment Obligation Management",
     "requirement_id": "APO12.04",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-05",
     "name": "DORA ICT Obligation Tracking",
     "requirement_id": "MEA03.01",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-06",
     "name": "Contractual AI Obligation Management",
     "requirement_id": "APO09.04",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-07",
     "name": "Obligation Fulfillment Verification",
     "requirement_id": "MEA02.02",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-08",
     "name": "Obligations Evidence Package",
     "requirement_id": "MEA03.04",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-01",
     "name": "EU AI Act High-Risk AI System Classification",
     "requirement_id": "APO12.02",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "RF-02",
     "name": "EU AI Act Conformity Assessment Pathway Selection",
     "requirement_id": "APO11.04",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "RF-03",
     "name": "EU AI Act Technical Documentation Package (Art. 11)",
     "requirement_id": "BAI03.07",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "RF-04",
     "name": "EU AI Act Post-Market Monitoring Plan (Art. 72)",
     "requirement_id": "DSS01.03",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "RF-06",
     "name": "SOC 2 AI-Specific Evidence Production",
     "requirement_id": "APO14.01",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "RF-07",
     "name": "ISO 42001 Certification Pathway",
     "requirement_id": "EDM01",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "RF-08",
     "name": "Regulatory Framework Evidence Package",
     "requirement_id": "MEA01",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CI-03",
     "name": "AI-Specific Compliance KPIs",
     "requirement_id": "MEA01.04",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-04",
     "name": "Compliance Tooling Implementation",
     "requirement_id": "APO11.05",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CI-06",
     "name": "Internal Audit of AI Compliance Controls",
     "requirement_id": "MEA02.04",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-07",
     "name": "Remediation Tracking and Closure",
     "requirement_id": "MEA02.04",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-08",
     "name": "Compliance Implementation Evidence Package",
     "requirement_id": "MEA03.04",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-01",
     "name": "Audit Readiness Program",
     "requirement_id": "MEA02",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-02",
     "name": "Evidence Collection, Curation, and Validation",
     "requirement_id": "APO11.05",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-03",
     "name": "Auditor Access and Cooperation Protocols",
     "requirement_id": "MEA03.04",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-04",
     "name": "Audit Trail Integrity",
     "requirement_id": "DSS06.03",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-05",
     "name": "Regulatory Examination Response Program",
     "requirement_id": "MEA03.04",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-06",
     "name": "Audit Finding Remediation Program",
     "requirement_id": "MEA02.04",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-07",
     "name": "Multi-Framework Evidence Reuse",
     "requirement_id": "APO02.06",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-08",
     "name": "ComplianceAttestation Production",
     "requirement_id": "MEA03.03",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-01",
     "name": "Compliance Governance Structure",
     "requirement_id": "APO01",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-03",
     "name": "Senior and Board-Level Accountability for AI Compliance",
     "requirement_id": "MEA02",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-04",
     "name": "Compliance Risk Appetite Definition",
     "requirement_id": "APO12.02",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-05",
     "name": "Compliance Program Resourcing",
     "requirement_id": "APO07",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-07",
     "name": "Compliance Program Metrics and KPIs",
     "requirement_id": "MEA01",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-08",
     "name": "Compliance Governance Evidence Package",
     "requirement_id": "MEA03",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DX-02",
     "name": "Inter-System Data Transfer Authorization",
     "requirement_id": "DSS05.04",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DX-06",
     "name": "Data Exchange Audit Trail",
     "requirement_id": "MEA03",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DX-08",
     "name": "Data Exchange Evidence Package",
     "requirement_id": "MEA02",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-01",
     "name": "Data Integrity Baseline and Checksum Monitoring",
     "requirement_id": "DSS06.05",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DI-02",
     "name": "Tamper Detection for AI Inference Inputs",
     "requirement_id": "APO12.06",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DI-03",
     "name": "Cross-System Data Consistency Validation",
     "requirement_id": "DSS06.05",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DI-04",
     "name": "AI Output Data Integrity Verification",
     "requirement_id": "DSS06.04",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DI-05",
     "name": "Database and Storage Integrity Monitoring",
     "requirement_id": "DSS04.07",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-07",
     "name": "Data Integrity Incident Response",
     "requirement_id": "DSS02.07",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-08",
     "name": "Data Integrity Evidence Package",
     "requirement_id": "MEA01.04",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-01",
     "name": "AI Data Asset Inventory and Cataloging",
     "requirement_id": "APO01.06",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-03",
     "name": "Data Retention and Disposal Governance",
     "requirement_id": "APO01.06",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DM-08",
     "name": "Data Management Evidence Package",
     "requirement_id": "MEA01",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-01",
     "name": "End-to-End Data Lineage Tracking",
     "requirement_id": "DSS06.05",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DL-05",
     "name": "Data Lineage Completeness Auditing",
     "requirement_id": "MEA02.04",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DL-06",
     "name": "Data Lineage for Regulatory and Legal Purposes",
     "requirement_id": "MEA03.04",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DL-07",
     "name": "Data Lineage Tooling Governance",
     "requirement_id": "APO04.04",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DL-08",
     "name": "Data Lineage Evidence Package",
     "requirement_id": "MEA04",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DA-01",
     "name": "AI Data Access Authorization Framework",
     "requirement_id": "DSS06.03",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-04",
     "name": "Privileged Data Access Monitoring",
     "requirement_id": "DSS06.03",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-05",
     "name": "AI Data Access Review and Recertification",
     "requirement_id": "DSS06.03",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-06",
     "name": "Cross-Border Data Access Jurisdiction Controls",
     "requirement_id": "DSS06.03",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DA-07",
     "name": "Emergency AI Data Access Procedures",
     "requirement_id": "DSS06.03",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-08",
     "name": "Data Access Evidence Package",
     "requirement_id": "MEA02",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-05",
     "name": "Validation Exception Management",
     "requirement_id": "DSS02.02",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-06",
     "name": "Validation Pipeline Monitoring",
     "requirement_id": "MEA01.04",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-07",
     "name": "Data Validation Tooling Governance",
     "requirement_id": "BAI03.08",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-08",
     "name": "DataGovernanceAttestation Production",
     "requirement_id": "MEA04",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PO-02",
     "name": "Policy Version Control and Distribution",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DX-02",
     "name": "Inter-System Data Transfer Authorization",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DX-08",
     "name": "Data Exchange Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DI-07",
     "name": "Data Integrity Incident Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DM-03",
     "name": "Data Retention and Disposal Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DM-08",
     "name": "Data Management Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DL-06",
     "name": "Data Lineage for Regulatory and Legal Purposes",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DL-08",
     "name": "Data Lineage Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DA-05",
     "name": "AI Data Access Review and Recertification",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DA-06",
     "name": "Cross-Border Data Access Jurisdiction Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DA-07",
     "name": "Emergency AI Data Access Procedures",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DA-08",
     "name": "Data Access Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DV-08",
     "name": "DataGovernanceAttestation Production",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "compliance": 42,
    "data": 28
   },
   "title": "COBIT 2019",
   "total": 83
  },
  {
   "source_id": "nist_800_63",
   "framework_refs": [
    {
     "domain": "identity",
     "control": "II-01",
     "name": "AI Agent Identity Registry",
     "requirement_id": "SP 800-63-4 (applied by analogy)",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "II-02",
     "name": "Identity Assurance Level Assignment",
     "requirement_id": "SP 800-63-4 §3.3.2",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "II-03",
     "name": "Cryptographic Identity Binding",
     "requirement_id": "SP 800-63B-4 §3",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "II-04",
     "name": "Hardware-Rooted Identity for High-Consequence Agents",
     "requirement_id": "SP 800-63B-4 §3.1.7",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "II-05",
     "name": "Non-Human Identity Separation from Human Identity",
     "requirement_id": "SP 800-63-4 (applied by analogy)",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "II-06",
     "name": "Accountable Owner Binding",
     "requirement_id": "SP 800-63-4 (applied by analogy)",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "II-07",
     "name": "Identity Metadata, Capability Manifest and Artifact Binding",
     "requirement_id": "SP 800-63-4 (applied by analogy)",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "NI-01",
     "name": "Identity Provisioning Gate",
     "requirement_id": "SP 800-63A-4",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-02",
     "name": "Credential Issuance and Minimum Privilege",
     "requirement_id": "SP 800-63B-4",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-03",
     "name": "Credential Lifetime and Forced Rotation",
     "requirement_id": "SP 800-63B-4 §4",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-04",
     "name": "Just-In-Time Credential Issuance",
     "requirement_id": "SP 800-63B-4",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-05",
     "name": "Identity Deprovisioning and Revocation",
     "requirement_id": "SP 800-63B-4 §4",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-07",
     "name": "Credential Storage and Secrets Hygiene",
     "requirement_id": "SP 800-63B-4 §3",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-08",
     "name": "Break-Glass Identity and Emergency Access",
     "requirement_id": "SP 800-63B-4",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "DE-01",
     "name": "Delegation Chain Documentation",
     "requirement_id": "SP 800-63C-4 §2",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "DE-02",
     "name": "Scope Boundary Enforcement",
     "requirement_id": "SP 800-63C-4 §2",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "DE-03",
     "name": "Delegation Depth Limits",
     "requirement_id": "SP 800-63C-4 §2",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "DE-04",
     "name": "Task-Scoped Delegation",
     "requirement_id": "SP 800-63C-4 §2",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "DE-05",
     "name": "User Consent for Delegated AI Action",
     "requirement_id": "SP 800-63A-4",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "DE-06",
     "name": "Cross-Organizational Delegation Governance",
     "requirement_id": "SP 800-63C-4 §3.5",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "DE-08",
     "name": "Delegation Revocation Propagation",
     "requirement_id": "SP 800-63B-4 §4",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IF-01",
     "name": "Identity Federation Trust Framework",
     "requirement_id": "SP 800-63C-4 §2, §3.5",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IF-02",
     "name": "OIDC/OAuth Federation Configuration",
     "requirement_id": "SP 800-63C-4 §2",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IF-03",
     "name": "Cross-Organizational Agent Authentication",
     "requirement_id": "SP 800-63C-4 §2",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IF-04",
     "name": "DID-Based Cryptographic Agent Identity",
     "requirement_id": "SP 800-63C-4 §2",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IF-05",
     "name": "eIDAS 2.0 Qualified Attestation for EU Operations",
     "requirement_id": "SP 800-63C-4 §2",
     "fit": "adjacent"
    },
    {
     "domain": "identity",
     "control": "IF-06",
     "name": "Token Validation and Binding",
     "requirement_id": "SP 800-63C-4 §3.15–§3.16",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IF-07",
     "name": "Identity Provider Resilience and Fallback",
     "requirement_id": "SP 800-63B-4",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-01",
     "name": "Credential Use Baseline",
     "requirement_id": "SP 800-63B-4 §3",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-02",
     "name": "Anomalous Credential Use Detection",
     "requirement_id": "SP 800-63B-4 §3",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-03",
     "name": "Impossible Travel and Context Anomaly Detection",
     "requirement_id": "SP 800-63B-4 §4",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IM-04",
     "name": "Privilege Escalation Attempt Detection",
     "requirement_id": "SP 800-63B-4 §3",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-05",
     "name": "Credential Sharing Detection",
     "requirement_id": "SP 800-63B-4 §3",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IM-07",
     "name": "Credential Exposure Scanning",
     "requirement_id": "SP 800-63B-4 §3",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IC-01",
     "name": "Identity Governance Structure",
     "requirement_id": "SP 800-63-4 §3",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IC-02",
     "name": "Identity Policy and Standards",
     "requirement_id": "SP 800-63-4 §3.3.2",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IC-05",
     "name": "Identity Compliance Mapping",
     "requirement_id": "SP 800-63-4 §3",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IC-06",
     "name": "Third-Party Identity Provider Audit",
     "requirement_id": "SP 800-63C-4 §3.5",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IC-08",
     "name": "Identity Attestation Production",
     "requirement_id": "SP 800-63-4 §3.4.4",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "identity",
     "control": "II-01",
     "name": "AI Agent Identity Registry",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "II-02",
     "name": "Identity Assurance Level Assignment",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "II-03",
     "name": "Cryptographic Identity Binding",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "II-04",
     "name": "Hardware-Rooted Identity for High-Consequence Agents",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "II-05",
     "name": "Non-Human Identity Separation from Human Identity",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "II-06",
     "name": "Accountable Owner Binding",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "II-07",
     "name": "Identity Metadata, Capability Manifest and Artifact Binding",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-01",
     "name": "Identity Provisioning Gate",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-02",
     "name": "Credential Issuance and Minimum Privilege",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-03",
     "name": "Credential Lifetime and Forced Rotation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-04",
     "name": "Just-In-Time Credential Issuance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-05",
     "name": "Identity Deprovisioning and Revocation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-07",
     "name": "Credential Storage and Secrets Hygiene",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-08",
     "name": "Break-Glass Identity and Emergency Access",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "DE-01",
     "name": "Delegation Chain Documentation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "DE-02",
     "name": "Scope Boundary Enforcement",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "DE-03",
     "name": "Delegation Depth Limits",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "DE-04",
     "name": "Task-Scoped Delegation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "DE-05",
     "name": "User Consent for Delegated AI Action",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "DE-06",
     "name": "Cross-Organizational Delegation Governance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "DE-08",
     "name": "Delegation Revocation Propagation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IF-01",
     "name": "Identity Federation Trust Framework",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IF-02",
     "name": "OIDC/OAuth Federation Configuration",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IF-03",
     "name": "Cross-Organizational Agent Authentication",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IF-04",
     "name": "DID-Based Cryptographic Agent Identity",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IF-05",
     "name": "eIDAS 2.0 Qualified Attestation for EU Operations",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IF-06",
     "name": "Token Validation and Binding",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IF-07",
     "name": "Identity Provider Resilience and Fallback",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-01",
     "name": "Credential Use Baseline",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-02",
     "name": "Anomalous Credential Use Detection",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-03",
     "name": "Impossible Travel and Context Anomaly Detection",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-04",
     "name": "Privilege Escalation Attempt Detection",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-05",
     "name": "Credential Sharing Detection",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-07",
     "name": "Credential Exposure Scanning",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IC-01",
     "name": "Identity Governance Structure",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IC-02",
     "name": "Identity Policy and Standards",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IC-03",
     "name": "Identity Access Review",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IC-05",
     "name": "Identity Compliance Mapping",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IC-06",
     "name": "Third-Party Identity Provider Audit",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IC-07",
     "name": "Identity Program Metrics and KPIs",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IC-08",
     "name": "Identity Attestation Production",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {
    "identity": 39
   },
   "title": "NIST SP 800-63-4",
   "total": 80
  },
  {
   "source_id": "google_ai_principles_2023",
   "framework_refs": [
    {
     "domain": "ethics",
     "control": "EF-01",
     "name": "Ethics Principles Adoption and Operationalization",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms; rigorous design, testing, monitoring, and safeguar",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-02",
     "name": "Values-to-Design Mapping",
     "requirement_id": "Responsible development and deployment — rigorous design, testing, monitoring, and safeguards",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-03",
     "name": "Ethical Risk Appetite Definition",
     "requirement_id": "Bold innovation — pursuing AI where likely overall benefits substantially outweigh foreseeable risks; responsible development and deployment",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-04",
     "name": "Ethics Impact Assessment Framework",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-05",
     "name": "EU AI Act Prohibited Practices Governance (Art. 5)",
     "requirement_id": "Responsible development and deployment — alignment with widely accepted principles of international law and human rights",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-06",
     "name": "Ethics-by-Design Integration in Development Lifecycle",
     "requirement_id": "Responsible development and deployment — rigorous design, testing, monitoring, and safeguards",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EF-07",
     "name": "External Ethics Stakeholder Engagement",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms; Bold innovation — benefiting people and society",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-08",
     "name": "Ethics Foundations Evidence Package",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FA-01",
     "name": "Protected Characteristic Identification and Scope",
     "requirement_id": "Responsible development and deployment — mitigating unintended or harmful outcomes and avoiding unfair bias",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-08",
     "name": "Fairness and Accountability Evidence Package",
     "requirement_id": "Responsible development and deployment — mitigating unintended or harmful outcomes and avoiding unfair bias; human oversight and due diligence",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "XP-01",
     "name": "Explainability Method Selection and Justification",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-02",
     "name": "Decision-Level Explanation Requirements",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-03",
     "name": "Explanation Fidelity and Accuracy Verification",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-04",
     "name": "Adverse Action Notice and Explanation (ECOA/Reg B, FCRA)",
     "requirement_id": "Responsible development and deployment — mitigating unintended or harmful outcomes and avoiding unfair bias",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-05",
     "name": "Model Card and System Card Transparency Disclosure",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-06",
     "name": "Technical vs. Non-Technical Explanation Tiers",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-07",
     "name": "Explanation Completeness and Coverage Auditing",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-08",
     "name": "Explainability Evidence Package",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-02",
     "name": "Human Dignity and Autonomy Preservation",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-03",
     "name": "Vulnerable Population Protection",
     "requirement_id": "Responsible development and deployment — mitigating unintended or harmful outcomes and avoiding unfair bias",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-04",
     "name": "Human Oversight and Override Mechanisms",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-05",
     "name": "Remedy and Redress Mechanisms",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-06",
     "name": "Consent and Agency Preservation for AI Interactions",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-07",
     "name": "Child and Minors Safety Controls",
     "requirement_id": "Responsible development and deployment — rigorous design, testing, monitoring, and safeguards",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-01",
     "name": "Production Fairness Monitoring Program",
     "requirement_id": "Responsible development and deployment — mitigating unintended or harmful outcomes and avoiding unfair bias",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-02",
     "name": "Disparate Outcome Threshold Governance",
     "requirement_id": "Responsible development and deployment — mitigating unintended or harmful outcomes and avoiding unfair bias; human oversight and due diligence",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-03",
     "name": "Statistical Parity and Equalized Odds Monitoring",
     "requirement_id": "Responsible development and deployment — mitigating unintended or harmful outcomes and avoiding unfair bias",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-04",
     "name": "Feedback Loop and Reinforcement Bias Detection",
     "requirement_id": "Responsible development and deployment — mitigating unintended or harmful outcomes and avoiding unfair bias; rigorous design, testing, monitoring, and safeguard",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-05",
     "name": "Fairness Incident Response Program",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-06",
     "name": "AI Performance Divergence by Demographic Group",
     "requirement_id": "Responsible development and deployment — mitigating unintended or harmful outcomes and avoiding unfair bias",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-07",
     "name": "Fairness Monitoring Audit Trail",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-08",
     "name": "Fairness Monitoring Evidence Package",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-01",
     "name": "Ethics Governance Structure",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-02",
     "name": "AI Ethics Policy Framework",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-03",
     "name": "Senior and Board-Level Ethics Accountability",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-04",
     "name": "Ethics Training and Capability Building",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "EG-05",
     "name": "Third-Party AI Provider Ethics Accountability",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-06",
     "name": "Ethics Incident Response",
     "requirement_id": "Responsible development and deployment — rigorous design, testing, monitoring, and safeguards",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-07",
     "name": "Ethics Program Metrics and Effectiveness Measurement",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-08",
     "name": "EthicsAttestation Production",
     "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "ethics",
     "control": "EF-01",
     "name": "Ethics Principles Adoption and Operationalization",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-02",
     "name": "Values-to-Design Mapping",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-03",
     "name": "Ethical Risk Appetite Definition",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-04",
     "name": "Ethics Impact Assessment Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-05",
     "name": "EU AI Act Prohibited Practices Governance (Art. 5)",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-06",
     "name": "Ethics-by-Design Integration in Development Lifecycle",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-07",
     "name": "External Ethics Stakeholder Engagement",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-08",
     "name": "Ethics Foundations Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FA-01",
     "name": "Protected Characteristic Identification and Scope",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FA-08",
     "name": "Fairness and Accountability Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-01",
     "name": "Explainability Method Selection and Justification",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-02",
     "name": "Decision-Level Explanation Requirements",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-03",
     "name": "Explanation Fidelity and Accuracy Verification",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-04",
     "name": "Adverse Action Notice and Explanation (ECOA/Reg B, FCRA)",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-05",
     "name": "Model Card and System Card Transparency Disclosure",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-06",
     "name": "Technical vs. Non-Technical Explanation Tiers",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-07",
     "name": "Explanation Completeness and Coverage Auditing",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-08",
     "name": "Explainability Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "HI-02",
     "name": "Human Dignity and Autonomy Preservation",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "HI-03",
     "name": "Vulnerable Population Protection",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "HI-04",
     "name": "Human Oversight and Override Mechanisms",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "HI-05",
     "name": "Remedy and Redress Mechanisms",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "HI-06",
     "name": "Consent and Agency Preservation for AI Interactions",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "HI-07",
     "name": "Child and Minors Safety Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-01",
     "name": "Production Fairness Monitoring Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-02",
     "name": "Disparate Outcome Threshold Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-03",
     "name": "Statistical Parity and Equalized Odds Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-04",
     "name": "Feedback Loop and Reinforcement Bias Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-05",
     "name": "Fairness Incident Response Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-06",
     "name": "AI Performance Divergence by Demographic Group",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-07",
     "name": "Fairness Monitoring Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-08",
     "name": "Fairness Monitoring Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-01",
     "name": "Ethics Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-02",
     "name": "AI Ethics Policy Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-03",
     "name": "Senior and Board-Level Ethics Accountability",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-04",
     "name": "Ethics Training and Capability Building",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-05",
     "name": "Third-Party AI Provider Ethics Accountability",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-06",
     "name": "Ethics Incident Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-07",
     "name": "Ethics Program Metrics and Effectiveness Measurement",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-08",
     "name": "EthicsAttestation Production",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "ethics": 40
   },
   "title": "Google AI Principles",
   "total": 80
  },
  {
   "source_id": "csa_aismm",
   "framework_refs": [
    {
     "domain": "security",
     "control": "IA-01",
     "name": "Give every agent its own distinct identity, never a shared or human login",
     "requirement_id": "IAM-02.2, IAM-03.1, IAM-04.1",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "requirement_id": "IAM-05.1",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "IA-03",
     "name": "Act on the user's behalf with explicit approval for sensitive steps",
     "requirement_id": "IAM-04.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "IA-04",
     "name": "Check permission continuously at run time, not just once at login",
     "requirement_id": "IAM-04.3, IAM-05.3",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "IA-05",
     "name": "Find and inventory every agent, surface the shadow ones",
     "requirement_id": "ORG-02.1, ORG-04.2, IAM-02.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "IA-06",
     "name": "Bind a signed, end-to-end provenance chain to every agent action",
     "requirement_id": "MON-04.1 (end-to-end auditability for agent and delegation chains); IAM-05.2 (delegation-chain validation)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "EC-01",
     "name": "Run the agent in a sandbox, from process isolation up to micro-VMs",
     "requirement_id": "APP-03.3",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-02",
     "name": "Filter the agent's outbound network traffic",
     "requirement_id": "INF-03.3",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-03",
     "name": "Keep memory short-lived, and validate anything written to it",
     "requirement_id": "DAT-05.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-04",
     "name": "Limit filesystem and tool access to the bare minimum",
     "requirement_id": "APP-03.2, APP-04.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-05",
     "name": "Cap spend and resource use, stop denial-of-wallet",
     "requirement_id": "APP-04.2 (partial)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-06",
     "name": "Contain runaway loops and over-reach (least-agency)",
     "requirement_id": "APP-03.2, APP-04.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-07",
     "name": "Trust-rank retrieved content before it enters the agent's context",
     "requirement_id": "DAT-02.1, DAT-04.1, DAT-04.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-08",
     "name": "Keep secrets out of the prompt and context",
     "requirement_id": "DAT-03.3, APP-02.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-09",
     "name": "Treat the workspace and its config and hooks as untrusted",
     "requirement_id": "APP-03.2, APP-03.3, DEV-03.1",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-01",
     "name": "Authenticate and sign agent-to-agent communication",
     "requirement_id": "IAM-05.2, APP-03.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "requirement_id": "IAM-03.3, IAM-04.3, APP-03.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-03",
     "name": "Verify skill/tool manifest integrity and sign the supply chain",
     "requirement_id": "DEV-02.2, DEV-03.2, DEV-04.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-04",
     "name": "Validate tool input/output, treat tool results as untrusted",
     "requirement_id": "APP-02.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-05",
     "name": "Encode and validate the agent's own output before it reaches other systems",
     "requirement_id": "APP-02.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-06",
     "name": "Sanitize model-generated tool parameters, not just the schema",
     "requirement_id": "APP-02.2, APP-04.1",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-07",
     "name": "Verify tool descriptions for hidden instructions (description injection)",
     "requirement_id": "APP-03.2, APP-02.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-08",
     "name": "Enforce an instruction hierarchy so tool output cannot give the agent orders",
     "requirement_id": "APP-02.2 (guardrails and prompt separation)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "GV-01",
     "name": "Require a human hard-stop for irreversible actions",
     "requirement_id": "APP-04.2, IR-04.3",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-02",
     "name": "Keep an immutable, tamper-evident audit trail of what the agent did",
     "requirement_id": "MON-04.1, IR-05.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-03",
     "name": "Define multi-agent authority and conflict resolution explicitly",
     "requirement_id": "IAM-05.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-04",
     "name": "Enforce policy as code at run time, in the request path",
     "requirement_id": "ORG-05.1, IAM-05.3, APP-04.1",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-05",
     "name": "Run an AI management system and tier agents by their autonomy",
     "requirement_id": "GOV-03.1, RSK-02.2, GOV-05.1",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-06",
     "name": "Cap the rate and volume of irreversible actions",
     "requirement_id": "APP-04.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-07",
     "name": "Protect humans from being deceived by an agent",
     "requirement_id": "APP-04.1",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "GV-08",
     "name": "Make high-impact actions transactional, atomic, idempotent, state-checked",
     "requirement_id": "IAM-05.2, APP-04.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-09",
     "name": "Anchor a named business owner to every agent (accountability)",
     "requirement_id": "GOV-04.3, IAM-02.2",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "GV-10",
     "name": "Enable end-user responsibility and guard against automation bias",
     "requirement_id": "GOV-03.3 (role-based AI training); GOV-04.3 (oversight escalation)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "GV-11",
     "name": "Plan recovery and compensation for actions the agent already committed",
     "requirement_id": "IR-02.1 (AI incident response team); INF-04.3 (resilience of AI stateful components)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "RT-01",
     "name": "Capture OS-level telemetry of what the agent actually does",
     "requirement_id": "MON-02.1, MON-03.1, INF-04.1",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-02",
     "name": "Detect direct and indirect prompt injection at every input and output",
     "requirement_id": "MON-03.2, MON-04.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-03",
     "name": "Supervise the agent's reasoning and check it matches its actions",
     "requirement_id": "MON-04.1, MON-05.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-04",
     "name": "Detect anomalies and trigger pause, kill switch, or containment",
     "requirement_id": "IR-04.3, IR-05.1",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-05",
     "name": "Apply data-loss prevention to agent egress and interactions",
     "requirement_id": "MON-04.3, DAT-03.3",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-06",
     "name": "Map AI-native threats, extend ATT&CK/ATLAS to agentic orchestration",
     "requirement_id": "MON-05.2, IR-04.1",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-07",
     "name": "Detect multi-agent collusion and covert channels",
     "requirement_id": "MON-05.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-08",
     "name": "Monitor latent and representation-level signals, not just visible reasoning",
     "requirement_id": "MON-05.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "AS-01",
     "name": "Adversarially red-team and evaluate the agent before launch",
     "requirement_id": "APP-04.3, APP-05.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "AS-02",
     "name": "Statically analyze agent skills and manifests in CI",
     "requirement_id": "DEV-03.3, DEV-04.1",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "AS-03",
     "name": "Gate releases on continuous adversarial validation",
     "requirement_id": "MOD-05.1, DEV-03.3",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "AS-05",
     "name": "Study frontier offensive capability before public release",
     "requirement_id": "MOD-02.2, RSK-05.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "AS-06",
     "name": "Verify model-weights and training-data provenance before load",
     "requirement_id": "MOD-04.1, DEV-04.2",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "AS-07",
     "name": "Verify a skill does what it declares (behavioral integrity)",
     "requirement_id": "DEV-03.3, DEV-04.1, APP-04.3",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "security",
     "control": "IA-01",
     "name": "Give every agent its own distinct identity, never a shared or human login",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "IA-03",
     "name": "Act on the user's behalf with explicit approval for sensitive steps",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "IA-04",
     "name": "Check permission continuously at run time, not just once at login",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "IA-05",
     "name": "Find and inventory every agent, surface the shadow ones",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "EC-01",
     "name": "Run the agent in a sandbox, from process isolation up to micro-VMs",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "EC-02",
     "name": "Filter the agent's outbound network traffic",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "EC-04",
     "name": "Limit filesystem and tool access to the bare minimum",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "EC-06",
     "name": "Contain runaway loops and over-reach (least-agency)",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "EC-07",
     "name": "Trust-rank retrieved content before it enters the agent's context",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "EC-08",
     "name": "Keep secrets out of the prompt and context",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "EC-09",
     "name": "Treat the workspace and its config and hooks as untrusted",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-03",
     "name": "Verify skill/tool manifest integrity and sign the supply chain",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-04",
     "name": "Validate tool input/output, treat tool results as untrusted",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-05",
     "name": "Encode and validate the agent's own output before it reaches other systems",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-06",
     "name": "Sanitize model-generated tool parameters, not just the schema",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-07",
     "name": "Verify tool descriptions for hidden instructions (description injection)",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "GV-02",
     "name": "Keep an immutable, tamper-evident audit trail of what the agent did",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "GV-04",
     "name": "Enforce policy as code at run time, in the request path",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "GV-05",
     "name": "Run an AI management system and tier agents by their autonomy",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "RT-01",
     "name": "Capture OS-level telemetry of what the agent actually does",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "RT-02",
     "name": "Detect direct and indirect prompt injection at every input and output",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "RT-04",
     "name": "Detect anomalies and trigger pause, kill switch, or containment",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "RT-05",
     "name": "Apply data-loss prevention to agent egress and interactions",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "RT-06",
     "name": "Map AI-native threats, extend ATT&CK/ATLAS to agentic orchestration",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "AS-01",
     "name": "Adversarially red-team and evaluate the agent before launch",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "AS-02",
     "name": "Statically analyze agent skills and manifests in CI",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "AS-05",
     "name": "Study frontier offensive capability before public release",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "AS-06",
     "name": "Verify model-weights and training-data provenance before load",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "AS-07",
     "name": "Verify a skill does what it declares (behavioral integrity)",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {
    "security": 48
   },
   "title": "CSA AISMM",
   "total": 79
  },
  {
   "source_id": "aws_well_arch_security_iam_2024",
   "framework_refs": [
    {
     "domain": "identity",
     "control": "II-01",
     "name": "AI Agent Identity Registry",
     "requirement_id": "AWS IAM Best Practices — Use Roles Not Users",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "II-02",
     "name": "Identity Assurance Level Assignment",
     "requirement_id": "AWS Well-Architected Security Pillar — SEC02 (identity and access management)",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "II-03",
     "name": "Cryptographic Identity Binding",
     "requirement_id": "AWS IAM Roles Anywhere — Certificate Binding",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "II-04",
     "name": "Hardware-Rooted Identity for High-Consequence Agents",
     "requirement_id": "AWS IAM Roles Anywhere — HSM Integration",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "II-05",
     "name": "Non-Human Identity Separation from Human Identity",
     "requirement_id": "AWS IAM Best Practices — Separate Human Workload Identity",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "II-06",
     "name": "Accountable Owner Binding",
     "requirement_id": "AWS IAM Tagging — Resource Owner Tags",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "II-07",
     "name": "Identity Metadata, Capability Manifest and Artifact Binding",
     "requirement_id": "AWS IAM Tagging — Principal Tags",
     "fit": "adjacent"
    },
    {
     "domain": "identity",
     "control": "II-08",
     "name": "Identity Registry Integrity and Tamper Evidence",
     "requirement_id": "AWS CloudTrail — Log File Integrity",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "NI-01",
     "name": "Identity Provisioning Gate",
     "requirement_id": "AWS Organizations SCPs — Provisioning Restriction",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "NI-02",
     "name": "Credential Issuance and Minimum Privilege",
     "requirement_id": "AWS IAM Best Practices — Least Privilege",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "NI-03",
     "name": "Credential Lifetime and Forced Rotation",
     "requirement_id": "AWS Secrets Manager — Automated Rotation",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "NI-04",
     "name": "Just-In-Time Credential Issuance",
     "requirement_id": "AWS STS — Assume Role Session Policies",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-05",
     "name": "Identity Deprovisioning and Revocation",
     "requirement_id": "AWS IAM — Role Deletion Revocation",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "NI-06",
     "name": "Ghost Identity Detection and Remediation",
     "requirement_id": "AWS IAM Access Analyzer — Unused Access Findings",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "NI-07",
     "name": "Credential Storage and Secrets Hygiene",
     "requirement_id": "AWS Well-Architected SEC02-BP03 — Secrets Management",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-08",
     "name": "Break-Glass Identity and Emergency Access",
     "requirement_id": "AWS IAM — Break Glass Role",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "DE-01",
     "name": "Delegation Chain Documentation",
     "requirement_id": "AWS IAM — Cross Account Role Chaining",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "DE-02",
     "name": "Scope Boundary Enforcement",
     "requirement_id": "AWS IAM — Permission Boundaries",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "DE-03",
     "name": "Delegation Depth Limits",
     "requirement_id": "AWS STS — Role Chaining Session Policy",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "DE-04",
     "name": "Task-Scoped Delegation",
     "requirement_id": "AWS STS — Session Policies Task Scoped",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "DE-06",
     "name": "Cross-Organizational Delegation Governance",
     "requirement_id": "AWS IAM — Cross Account Trust Policies",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "DE-07",
     "name": "Delegation Audit Trail",
     "requirement_id": "AWS CloudTrail — Assume Role Audit Trail",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "DE-08",
     "name": "Delegation Revocation Propagation",
     "requirement_id": "AWS IAM — Role Session Revocation",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IF-01",
     "name": "Identity Federation Trust Framework",
     "requirement_id": "AWS IAM — Identity Provider Federation",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IF-03",
     "name": "Cross-Organizational Agent Authentication",
     "requirement_id": "AWS IAM — Cross Account Role Assume Conditions",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IF-07",
     "name": "Identity Provider Resilience and Fallback",
     "requirement_id": "AWS IAM — Regional STS Endpoints",
     "fit": "adjacent"
    },
    {
     "domain": "identity",
     "control": "IF-08",
     "name": "Cross-Domain Identity Audit Reconciliation",
     "requirement_id": "AWS CloudTrail — Organization Trail",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-01",
     "name": "Credential Use Baseline",
     "requirement_id": "AWS CloudTrail Insights — Behavior Baseline",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-02",
     "name": "Anomalous Credential Use Detection",
     "requirement_id": "AWS GuardDuty — IAM Finding Types",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-03",
     "name": "Impossible Travel and Context Anomaly Detection",
     "requirement_id": "AWS GuardDuty — Instance Credential Exfiltration",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-04",
     "name": "Privilege Escalation Attempt Detection",
     "requirement_id": "AWS GuardDuty — Privilege Escalation Findings",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-05",
     "name": "Credential Sharing Detection",
     "requirement_id": "AWS CloudTrail — Credential Sharing Detection",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-06",
     "name": "Identity Event Log Integrity",
     "requirement_id": "AWS CloudTrail — Log File Integrity Validation",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-07",
     "name": "Credential Exposure Scanning",
     "requirement_id": "AWS Trusted Advisor — Exposed Access Keys / Amazon GuardDuty",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-08",
     "name": "Identity Incident Response",
     "requirement_id": "AWS GuardDuty — Automated Incident Response",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IC-03",
     "name": "Identity Access Review",
     "requirement_id": "AWS IAM Access Analyzer — Continuous Access Review",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IC-04",
     "name": "Privileged Identity Management for AI",
     "requirement_id": "AWS IAM — Privileged Role MFA Condition",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IC-07",
     "name": "Identity Program Metrics and KPIs",
     "requirement_id": "AWS Security Hub — Identity Security Metrics",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "identity",
     "control": "II-01",
     "name": "AI Agent Identity Registry",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "II-02",
     "name": "Identity Assurance Level Assignment",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "II-03",
     "name": "Cryptographic Identity Binding",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "II-04",
     "name": "Hardware-Rooted Identity for High-Consequence Agents",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "II-05",
     "name": "Non-Human Identity Separation from Human Identity",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "II-06",
     "name": "Accountable Owner Binding",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "II-07",
     "name": "Identity Metadata, Capability Manifest and Artifact Binding",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "II-08",
     "name": "Identity Registry Integrity and Tamper Evidence",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-01",
     "name": "Identity Provisioning Gate",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-02",
     "name": "Credential Issuance and Minimum Privilege",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-03",
     "name": "Credential Lifetime and Forced Rotation",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-04",
     "name": "Just-In-Time Credential Issuance",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-05",
     "name": "Identity Deprovisioning and Revocation",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-06",
     "name": "Ghost Identity Detection and Remediation",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-07",
     "name": "Credential Storage and Secrets Hygiene",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-08",
     "name": "Break-Glass Identity and Emergency Access",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "DE-01",
     "name": "Delegation Chain Documentation",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "DE-02",
     "name": "Scope Boundary Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "DE-03",
     "name": "Delegation Depth Limits",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "DE-04",
     "name": "Task-Scoped Delegation",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "DE-06",
     "name": "Cross-Organizational Delegation Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "DE-07",
     "name": "Delegation Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "DE-08",
     "name": "Delegation Revocation Propagation",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IF-01",
     "name": "Identity Federation Trust Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IF-03",
     "name": "Cross-Organizational Agent Authentication",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IF-06",
     "name": "Token Validation and Binding",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IF-07",
     "name": "Identity Provider Resilience and Fallback",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IF-08",
     "name": "Cross-Domain Identity Audit Reconciliation",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IM-01",
     "name": "Credential Use Baseline",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IM-02",
     "name": "Anomalous Credential Use Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IM-03",
     "name": "Impossible Travel and Context Anomaly Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IM-04",
     "name": "Privilege Escalation Attempt Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IM-05",
     "name": "Credential Sharing Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IM-06",
     "name": "Identity Event Log Integrity",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IM-07",
     "name": "Credential Exposure Scanning",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IM-08",
     "name": "Identity Incident Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IC-03",
     "name": "Identity Access Review",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IC-04",
     "name": "Privileged Identity Management for AI",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IC-07",
     "name": "Identity Program Metrics and KPIs",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "identity": 38
   },
   "title": "AWS Well-Architected Security Pillar: Identity and Access Management",
   "total": 77
  },
  {
   "source_id": "dama_dmbok2",
   "framework_refs": [
    {
     "domain": "knowledge",
     "control": "KS-01",
     "name": "Knowledge Source Authorization Register",
     "requirement_id": "Ch. 3",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KS-02",
     "name": "Source Authority Classification",
     "requirement_id": "Ch. 13",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KS-03",
     "name": "Source Currency and Maximum Age Policy",
     "requirement_id": "Ch. 13",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KS-04",
     "name": "Source Provenance Documentation",
     "requirement_id": "Ch. 12",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KS-05",
     "name": "Competing Source Conflict Resolution",
     "requirement_id": "Ch. 13",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KS-08",
     "name": "Knowledge Sources Evidence Package",
     "requirement_id": "Ch. 15",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KI-01",
     "name": "Ingestion Pipeline Authorization",
     "requirement_id": "Ch. 8",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KI-03",
     "name": "Ingestion Format Validation",
     "requirement_id": "Ch. 13",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KI-04",
     "name": "Content Sensitivity Classification at Ingestion",
     "requirement_id": "Ch. 7",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KI-05",
     "name": "Copyright and License Compliance at Ingestion",
     "requirement_id": "Ch. 3",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KI-06",
     "name": "Pre-Ingestion Content Quality Gates",
     "requirement_id": "Ch. 13",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KI-07",
     "name": "Ingestion Audit Trail",
     "requirement_id": "Ch. 9",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KI-08",
     "name": "Knowledge Ingestion Evidence Package",
     "requirement_id": "Ch. 3",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KR-06",
     "name": "Retrieval Performance Monitoring",
     "requirement_id": "Ch. 13",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KR-07",
     "name": "Retrieval Audit Trail",
     "requirement_id": "Ch. 9",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KR-08",
     "name": "Knowledge Retrieval Evidence Package",
     "requirement_id": "Ch. 13",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KC-01",
     "name": "Knowledge Staleness Classification Policy",
     "requirement_id": "Ch. 13",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-02",
     "name": "Automated Staleness Detection",
     "requirement_id": "Ch. 13",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-03",
     "name": "Knowledge Refresh Scheduling and Execution",
     "requirement_id": "Ch. 8",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-04",
     "name": "Knowledge Version Control and Change History",
     "requirement_id": "Ch. 9",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-06",
     "name": "Domain-Specific Currency Requirements",
     "requirement_id": "Ch. 13",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-08",
     "name": "Knowledge Currency Evidence Package",
     "requirement_id": "Ch. 13",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-01",
     "name": "Knowledge Asset Lifecycle Governance",
     "requirement_id": "Ch. 3 — Data Governance",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-03",
     "name": "Knowledge Versioning and Change History",
     "requirement_id": "Ch. 9 — Document and Content Management",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-04",
     "name": "Knowledge Archival and Retention Policy",
     "requirement_id": "Ch. 6 — Data Storage and Operations",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-05",
     "name": "Knowledge-to-Output Lineage Tracking",
     "requirement_id": "Ch. 12 — Metadata Management (data lineage)",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-07",
     "name": "Knowledge Base Performance and Quality Metrics",
     "requirement_id": "Ch. 13 — Data Quality",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-08",
     "name": "Knowledge Management Evidence Package",
     "requirement_id": "Ch. 15 — Data Management Maturity Assessment",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KG-01",
     "name": "Knowledge Governance Structure",
     "requirement_id": "Ch. 3 — Data Governance",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KG-02",
     "name": "AI Knowledge Substrate Policy Framework",
     "requirement_id": "Ch. 4 — Data Architecture; Ch. 13 — Data Quality",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-03",
     "name": "Senior Accountability for Knowledge Quality and Safety",
     "requirement_id": "Ch. 3 — Data Governance: Executive Stewardship",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KG-04",
     "name": "Knowledge Risk Assessment",
     "requirement_id": "Ch. 13 — Data Quality Management",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-05",
     "name": "External Knowledge Provider Governance",
     "requirement_id": "Ch. 10 — Reference and Master Data Management",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KG-06",
     "name": "Knowledge Incident Response",
     "requirement_id": "Ch. 13 — Data Quality Incident Management",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KG-07",
     "name": "Knowledge Program Metrics and Effectiveness Reporting",
     "requirement_id": "Ch. 13 — Data Quality Metrics",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-08",
     "name": "KnowledgeAttestation Production",
     "requirement_id": "Ch. 3 — Data Governance",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DX-01",
     "name": "Data Sensitivity Classification Framework for AI",
     "requirement_id": "Ch. 7",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DX-02",
     "name": "Inter-System Data Transfer Authorization",
     "requirement_id": "Ch. 7",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DX-03",
     "name": "API Contract Governance for AI Data Exchange",
     "requirement_id": "Ch. 8",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DX-06",
     "name": "Data Exchange Audit Trail",
     "requirement_id": "Ch. 7",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DX-07",
     "name": "Data Exchange Security Controls",
     "requirement_id": "Ch. 7",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DX-08",
     "name": "Data Exchange Evidence Package",
     "requirement_id": "Ch. 7",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DI-01",
     "name": "Data Integrity Baseline and Checksum Monitoring",
     "requirement_id": "Ch. 13",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-02",
     "name": "Tamper Detection for AI Inference Inputs",
     "requirement_id": "Ch. 13",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-03",
     "name": "Cross-System Data Consistency Validation",
     "requirement_id": "Ch. 8",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-04",
     "name": "AI Output Data Integrity Verification",
     "requirement_id": "Ch. 13",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-05",
     "name": "Database and Storage Integrity Monitoring",
     "requirement_id": "Ch. 6",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-07",
     "name": "Data Integrity Incident Response",
     "requirement_id": "Ch. 13",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-08",
     "name": "Data Integrity Evidence Package",
     "requirement_id": "Ch. 13",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-01",
     "name": "AI Data Asset Inventory and Cataloging",
     "requirement_id": "Ch. 12",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-03",
     "name": "Data Retention and Disposal Governance",
     "requirement_id": "Ch. 6",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-04",
     "name": "Master Data Management for AI Systems",
     "requirement_id": "Ch. 10",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-05",
     "name": "Data Quality Standards and Target Setting",
     "requirement_id": "Ch. 13",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-06",
     "name": "Data Schema Governance and Breaking Change Control",
     "requirement_id": "Ch. 8",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-07",
     "name": "Synthetic Data Governance",
     "requirement_id": "Ch. 14",
     "fit": "adjacent"
    },
    {
     "domain": "data",
     "control": "DM-08",
     "name": "Data Management Evidence Package",
     "requirement_id": "Ch. 3",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-01",
     "name": "End-to-End Data Lineage Tracking",
     "requirement_id": "Ch. 12",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-02",
     "name": "Training Data Lineage Documentation",
     "requirement_id": "Ch. 12",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-03",
     "name": "Inference-Time Data Lineage (Per-Decision Provenance)",
     "requirement_id": "Ch. 12",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DL-04",
     "name": "Transformation and Enrichment Lineage",
     "requirement_id": "Ch. 12",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-05",
     "name": "Data Lineage Completeness Auditing",
     "requirement_id": "Ch. 12",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-07",
     "name": "Data Lineage Tooling Governance",
     "requirement_id": "Ch. 12",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-08",
     "name": "Data Lineage Evidence Package",
     "requirement_id": "Ch. 12",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-01",
     "name": "AI Data Access Authorization Framework",
     "requirement_id": "Ch. 7",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-02",
     "name": "Data Minimization Implementation for AI",
     "requirement_id": "Ch. 7",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DA-04",
     "name": "Privileged Data Access Monitoring",
     "requirement_id": "Ch. 7",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-05",
     "name": "AI Data Access Review and Recertification",
     "requirement_id": "Ch. 7",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-07",
     "name": "Emergency AI Data Access Procedures",
     "requirement_id": "Ch. 7",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-08",
     "name": "Data Access Evidence Package",
     "requirement_id": "Ch. 7",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-01",
     "name": "Schema Validation for AI Inputs",
     "requirement_id": "Ch. 13 — Validity",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-02",
     "name": "Data Quality Gate Enforcement",
     "requirement_id": "Ch. 13 — Data Quality Management",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-03",
     "name": "Statistical Distribution Validation",
     "requirement_id": "Ch. 13 — Consistency",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-04",
     "name": "AI Output Validation Rules",
     "requirement_id": "Ch. 13 — Accuracy",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-05",
     "name": "Validation Exception Management",
     "requirement_id": "Ch. 13 — Issue Management",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-06",
     "name": "Validation Pipeline Monitoring",
     "requirement_id": "Ch. 13 — Measurement and Reporting",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-07",
     "name": "Data Validation Tooling Governance",
     "requirement_id": "Ch. 13 — Tools and Techniques",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-08",
     "name": "DataGovernanceAttestation Production",
     "requirement_id": "Ch. 3 — Data Governance Documentation",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "knowledge": 36,
    "data": 41
   },
   "title": "dama_dmbok2",
   "total": 77
  },
  {
   "source_id": "coso_erm",
   "framework_refs": [
    {
     "domain": "compliance",
     "control": "CA-01",
     "name": "Regulatory Scope Determination",
     "requirement_id": "Component 2: Objective Setting",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "CA-04",
     "name": "Design-Time Compliance Classification",
     "requirement_id": "Principle 10",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "CA-06",
     "name": "Compliance Obligation Gap Analysis",
     "requirement_id": "Principle 10",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-08",
     "name": "Compliance Architecture Evidence Package",
     "requirement_id": "Component 5 — Information, Communication, and Reporting",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "OB-01",
     "name": "Obligation Register",
     "requirement_id": "Principle 10",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-02",
     "name": "Obligation Owner Assignment",
     "requirement_id": "Principle 2",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-03",
     "name": "Obligation Due Date and Milestone Tracking",
     "requirement_id": "Principle 10",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-04",
     "name": "EU AI Act Conformity Assessment Obligation Management",
     "requirement_id": "Principle 6",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-05",
     "name": "DORA ICT Obligation Tracking",
     "requirement_id": "Principle 10",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-06",
     "name": "Contractual AI Obligation Management",
     "requirement_id": "Principle 10",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-07",
     "name": "Obligation Fulfillment Verification",
     "requirement_id": "Principle 16",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-08",
     "name": "Obligations Evidence Package",
     "requirement_id": "Principle 16",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-01",
     "name": "EU AI Act High-Risk AI System Classification",
     "requirement_id": "Principle 11",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "RF-02",
     "name": "EU AI Act Conformity Assessment Pathway Selection",
     "requirement_id": "Principle 13",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "RF-04",
     "name": "EU AI Act Post-Market Monitoring Plan (Art. 72)",
     "requirement_id": "Principle 16",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CI-01",
     "name": "Compliance Control Testing Program",
     "requirement_id": "Principle 15",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-03",
     "name": "AI-Specific Compliance KPIs",
     "requirement_id": "Principle 19",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-05",
     "name": "Compliance Training and Awareness Program",
     "requirement_id": "Principle 5",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CI-06",
     "name": "Internal Audit of AI Compliance Controls",
     "requirement_id": "Principle 15",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CI-08",
     "name": "Compliance Implementation Evidence Package",
     "requirement_id": "Principle 20",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-01",
     "name": "Audit Readiness Program",
     "requirement_id": "Principle 16",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-05",
     "name": "Regulatory Examination Response Program",
     "requirement_id": "Principle 10",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-06",
     "name": "Audit Finding Remediation Program",
     "requirement_id": "Principle 17",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-08",
     "name": "ComplianceAttestation Production",
     "requirement_id": "Principle 20",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-01",
     "name": "Compliance Governance Structure",
     "requirement_id": "Component 1 — Governance and Culture",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-02",
     "name": "Compliance Policy Framework for AI",
     "requirement_id": "Component 2 — Strategy and Objective-Setting",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-03",
     "name": "Senior and Board-Level Accountability for AI Compliance",
     "requirement_id": "Component 1 — Board Oversight",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-04",
     "name": "Compliance Risk Appetite Definition",
     "requirement_id": "Component 2 — Risk Appetite",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-05",
     "name": "Compliance Program Resourcing",
     "requirement_id": "Component 1 — Attract and Retain Capable Individuals",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-06",
     "name": "Compliance Incident Response",
     "requirement_id": "Component 4 — Review and Revision",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-07",
     "name": "Compliance Program Metrics and KPIs",
     "requirement_id": "Component 5 — Information, Communication, and Reporting",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-08",
     "name": "Compliance Governance Evidence Package",
     "requirement_id": "Component 5 — Reporting",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PV-01",
     "name": "Operating Intent Declaration",
     "requirement_id": "Principle 11 — Assesses Severity of Risk",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PV-02",
     "name": "Operating Intent Boundary Validation",
     "requirement_id": "Principle 11 — Assesses Severity of Risk",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PV-06",
     "name": "Operating Context Change Management",
     "requirement_id": "Principle 17 — Pursues Improvement in Enterprise Risk Management",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PA-01",
     "name": "Delegation of Authority Integration",
     "requirement_id": "Principle 2 — Establishes Operating Structures",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-02",
     "name": "Approval Limit Enforcement",
     "requirement_id": "Principle 7 — Defines Risk Appetite",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-03",
     "name": "Escalation Gate Design and Testing",
     "requirement_id": "Principle 15 — Assesses Substantial Change",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PA-04",
     "name": "Principal Accountability Binding",
     "requirement_id": "Principle 1 — Exercises Board Risk Oversight",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PA-05",
     "name": "Multi-Party Approval Workflow",
     "requirement_id": "Principle 7 — Defines Risk Appetite",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PA-07",
     "name": "Approval Record and Audit Trail",
     "requirement_id": "Principle 13 — Implements Risk Responses",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PO-06",
     "name": "Communication and Commitment Policy",
     "requirement_id": "Principle 15 — Assesses substantial change",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PO-08",
     "name": "Policy Obligation Gap Analysis",
     "requirement_id": "Principle 10 — Identifies Risk",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-01",
     "name": "AI Procurement Policy Integration",
     "requirement_id": "Principle 15 — Assesses substantial change",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-02",
     "name": "AI-Initiated Commitment Controls",
     "requirement_id": "Principle 7 — Defines risk appetite",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-07",
     "name": "Contract Obligation Monitoring",
     "requirement_id": "Principle 13 — Implements risk responses",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-01",
     "name": "Policy Adherence Monitoring",
     "requirement_id": "Principle 9 — Formulates business objectives",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PG-02",
     "name": "Authority Limit Monitoring",
     "requirement_id": "Principle 13 — Implements risk responses",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-03",
     "name": "Contract Obligation Compliance Monitoring",
     "requirement_id": "Principle 13 — Implements risk responses",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-04",
     "name": "Policy Incident Classification and Response",
     "requirement_id": "Principle 11 — Assesses Severity of Risk",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-07",
     "name": "Policy Governance Reporting",
     "requirement_id": "Principle 18 — Leverages information and technology",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PG-08",
     "name": "Lessons Learned and Policy Improvement",
     "requirement_id": "Principle 20 — Reports on risk, culture, and performance",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PE-06",
     "name": "Board and Senior Management Policy Reporting",
     "requirement_id": "Principle 1 — Exercises Board Risk Oversight",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-07",
     "name": "Policy Governance Program Assessment",
     "requirement_id": "Principle 18 — Leverages information and technology",
     "fit": "adjacent"
    }
   ],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PV-01",
     "name": "Operating Intent Declaration",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PV-02",
     "name": "Operating Intent Boundary Validation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PV-06",
     "name": "Operating Context Change Management",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PA-01",
     "name": "Delegation of Authority Integration",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PA-02",
     "name": "Approval Limit Enforcement",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PA-02",
     "name": "Approval Limit Enforcement",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PA-03",
     "name": "Escalation Gate Design and Testing",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PA-04",
     "name": "Principal Accountability Binding",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PA-04",
     "name": "Principal Accountability Binding",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PA-05",
     "name": "Multi-Party Approval Workflow",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PA-07",
     "name": "Approval Record and Audit Trail",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PO-06",
     "name": "Communication and Commitment Policy",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PO-08",
     "name": "Policy Obligation Gap Analysis",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PR-01",
     "name": "AI Procurement Policy Integration",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PR-02",
     "name": "AI-Initiated Commitment Controls",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PR-07",
     "name": "Contract Obligation Monitoring",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PG-02",
     "name": "Authority Limit Monitoring",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PG-03",
     "name": "Contract Obligation Compliance Monitoring",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PG-07",
     "name": "Policy Governance Reporting",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PE-06",
     "name": "Board and Senior Management Policy Reporting",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PE-06",
     "name": "Board and Senior Management Policy Reporting",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PE-07",
     "name": "Policy Governance Program Assessment",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {
    "compliance": 32,
    "authority": 22
   },
   "title": "COSO ERM 2017",
   "total": 76
  },
  {
   "source_id": "microsoft_azure_reliability_2024",
   "framework_refs": [
    {
     "domain": "resilience",
     "control": "RV-01",
     "name": "AI System RTO/RPO Definition and Validation",
     "requirement_id": "BCDR – Recovery objectives (RTO/RPO) definition and validation",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-02",
     "name": "Resilience Control Verification Testing",
     "requirement_id": "BCDR – Testing and validation of failover and recovery controls",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RV-03",
     "name": "Chaos Engineering for AI Systems",
     "requirement_id": "BCDR – Chaos testing and resilience validation (Azure Chaos Studio)",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RV-04",
     "name": "Recovery Capability Verification After Actual Incident",
     "requirement_id": "BCDR – Post-incident review and recovery objective validation",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RV-05",
     "name": "Third-Party AI Dependency Resilience Assessment",
     "requirement_id": "BCDR – Third-party service dependency continuity planning",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RV-06",
     "name": "Multi-Region and Multi-AZ Resilience Verification",
     "requirement_id": "RE:05",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-07",
     "name": "Degraded-Mode AI Operation Testing",
     "requirement_id": "BCDR – Graceful degradation design and availability zone failover",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RV-08",
     "name": "Resilience Verification Evidence Package",
     "requirement_id": "Business continuity planning – BCDR evidence documentation and audit readiness",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RP-01",
     "name": "AI-Specific Business Continuity Plan",
     "requirement_id": "BCDR design guidance — Business continuity planning methodology",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-02",
     "name": "AI System Disaster Recovery Plan",
     "requirement_id": "BCDR design guidance — Recovery objectives and failover configuration",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-03",
     "name": "Model Rollback and Previous Version Recovery Planning",
     "requirement_id": "Failover configuration — Blue/green deployment and deployment slot management",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RP-04",
     "name": "RAG Index and Knowledge Base Recovery Plan",
     "requirement_id": "Azure Well-Architected RE:09",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RP-05",
     "name": "Recovery Priority Classification for AI Systems",
     "requirement_id": "Recovery objectives — Business continuity tiering by service criticality",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RP-06",
     "name": "Third-Party AI Provider Outage Response Plan",
     "requirement_id": "BCDR design guidance — Geo-redundancy and failover configuration",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RP-07",
     "name": "Recovery Plan Testing and Tabletop Exercises",
     "requirement_id": "BCDR design guidance — Testing and validation program",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RO-01",
     "name": "AI System Failover Execution Procedures",
     "requirement_id": "BCDR — Failover configuration and availability zone design",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-02",
     "name": "Model Rollback Execution and Validation",
     "requirement_id": "BCDR design guidance — Deployment rollback and blue-green recovery patterns",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RO-03",
     "name": "Data Recovery and Integrity Verification Post-Incident",
     "requirement_id": "BCDR — Data backup, geo-redundant recovery, and RPO verification for AI workloads",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-04",
     "name": "Recovery Operations Communication Protocol",
     "requirement_id": "Business continuity planning — Communication procedures and escalation trees during disruptions",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RO-05",
     "name": "Pre-Restoration Validation Before Traffic Resumption",
     "requirement_id": "Failover configuration — Return-to-service validation and progressive traffic restoration",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RO-06",
     "name": "Recovery Operations Audit Trail",
     "requirement_id": "BCDR design guidance — Recovery documentation and activity log requirements",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RO-07",
     "name": "Recovery Time Compliance Verification",
     "requirement_id": "Recovery objectives — RTO/RPO measurement and BCDR compliance verification",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-08",
     "name": "Recovery Operations Evidence Package",
     "requirement_id": "BCDR design guidance — Post-recovery documentation and compliance reporting requirements",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "FO-02",
     "name": "Circuit Breaker Implementation for AI Integrations",
     "requirement_id": "Circuit Breaker Pattern — Azure Architecture Center",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "FO-08",
     "name": "Fault Tolerance Evidence Package",
     "requirement_id": "BCDR documentation: fault tolerance evidence",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-01",
     "name": "High Availability Architecture for AI Systems",
     "requirement_id": "Azure Resiliency — Availability zone design and geo-redundancy for mission-critical workloads",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-02",
     "name": "Stateless Agent Design and Session Recovery",
     "requirement_id": "Durable Functions checkpoint",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-03",
     "name": "Data Redundancy and Backup Governance",
     "requirement_id": "Azure Resiliency & BCDR — Geo-redundant storage design, Azure Backup policies, and recovery objective alignment for AI/ML workloads",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-04",
     "name": "Infrastructure-as-Code for Reproducible Recovery",
     "requirement_id": "Azure Resiliency & BCDR — infrastructure-as-code recovery (ARM templates and Bicep)",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-05",
     "name": "Dependency Isolation and Bulkhead Patterns",
     "requirement_id": "Bulkhead pattern",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-06",
     "name": "DORA Compliance Architecture for AI Systems",
     "requirement_id": "Azure Resiliency & BCDR — design guidance for regulated workloads",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RE-07",
     "name": "Resilience Engineering Review in Development Lifecycle",
     "requirement_id": "Azure Resiliency & BCDR — Design lifecycle integration: BCDR planning and pre-production readiness review for Azure workloads",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RE-08",
     "name": "Resilience Engineering Evidence Package",
     "requirement_id": "Azure Resiliency & BCDR — BCDR documentation, failover test reports, and recovery objective verification records as resilience compliance evidence",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RG-01",
     "name": "Resilience Governance Structure",
     "requirement_id": "Business continuity planning",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RG-02",
     "name": "Resilience Policy Framework",
     "requirement_id": "BCDR design guidance",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RG-03",
     "name": "Senior Accountability for AI Operational Resilience",
     "requirement_id": "Business continuity planning",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RG-04",
     "name": "Resilience Risk Appetite and Threshold Setting",
     "requirement_id": "Recovery objectives — BCDR design guidance",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-06",
     "name": "Resilience Incident Response Integration",
     "requirement_id": "Failover configuration and recovery objectives",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "resilience",
     "control": "RV-01",
     "name": "AI System RTO/RPO Definition and Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-02",
     "name": "Resilience Control Verification Testing",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-03",
     "name": "Chaos Engineering for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-04",
     "name": "Recovery Capability Verification After Actual Incident",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-05",
     "name": "Third-Party AI Dependency Resilience Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-06",
     "name": "Multi-Region and Multi-AZ Resilience Verification",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-07",
     "name": "Degraded-Mode AI Operation Testing",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-08",
     "name": "Resilience Verification Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-01",
     "name": "AI-Specific Business Continuity Plan",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-02",
     "name": "AI System Disaster Recovery Plan",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-03",
     "name": "Model Rollback and Previous Version Recovery Planning",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-04",
     "name": "RAG Index and Knowledge Base Recovery Plan",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-05",
     "name": "Recovery Priority Classification for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-06",
     "name": "Third-Party AI Provider Outage Response Plan",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-07",
     "name": "Recovery Plan Testing and Tabletop Exercises",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-01",
     "name": "AI System Failover Execution Procedures",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-02",
     "name": "Model Rollback Execution and Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-03",
     "name": "Data Recovery and Integrity Verification Post-Incident",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-04",
     "name": "Recovery Operations Communication Protocol",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-05",
     "name": "Pre-Restoration Validation Before Traffic Resumption",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-06",
     "name": "Recovery Operations Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-07",
     "name": "Recovery Time Compliance Verification",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-08",
     "name": "Recovery Operations Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "FO-02",
     "name": "Circuit Breaker Implementation for AI Integrations",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "FO-08",
     "name": "Fault Tolerance Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-01",
     "name": "High Availability Architecture for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-02",
     "name": "Stateless Agent Design and Session Recovery",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-03",
     "name": "Data Redundancy and Backup Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-04",
     "name": "Infrastructure-as-Code for Reproducible Recovery",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-05",
     "name": "Dependency Isolation and Bulkhead Patterns",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-06",
     "name": "DORA Compliance Architecture for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-07",
     "name": "Resilience Engineering Review in Development Lifecycle",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-08",
     "name": "Resilience Engineering Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-01",
     "name": "Resilience Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-02",
     "name": "Resilience Policy Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-03",
     "name": "Senior Accountability for AI Operational Resilience",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-04",
     "name": "Resilience Risk Appetite and Threshold Setting",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RG-06",
     "name": "Resilience Incident Response Integration",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "resilience": 38
   },
   "title": "Microsoft Azure Resiliency & BCDR",
   "total": 76
  },
  {
   "source_id": "google_org_policy_service_2024",
   "framework_refs": [
    {
     "domain": "authority",
     "control": "PV-02",
     "name": "Operating Intent Boundary Validation",
     "requirement_id": "Google Cloud Organization Policy — Resource Constraint Enforcement",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-03",
     "name": "Intended Purpose Alignment Review",
     "requirement_id": "Google Cloud Organization Policy — Managed Constraint Compliance Review",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-04",
     "name": "Authorized Knowledge Source Registry",
     "requirement_id": "Google Cloud Organization Policy — Service Usage Restriction Constraints",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-05",
     "name": "Knowledge Source Version Governance",
     "requirement_id": "Google Cloud Asset Inventory — Knowledge Resource Version Monitoring",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-06",
     "name": "Operating Context Change Management",
     "requirement_id": "Google Cloud Organization Policy — Policy Simulation for Context Changes",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-08",
     "name": "Principal Intent vs. Agent Behavior Alignment",
     "requirement_id": "Google Gemini Enterprise Agent Platform — Agent Access Control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-01",
     "name": "Delegation of Authority Integration",
     "requirement_id": "Google Cloud IAM Resource Hierarchy — Inherited Authority Limits",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-02",
     "name": "Approval Limit Enforcement",
     "requirement_id": "Google Cloud Privileged Access Manager — Approval-Gated Elevated Permissions",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-03",
     "name": "Escalation Gate Design and Testing",
     "requirement_id": "Google Cloud Privileged Access Manager — Multi-Level Approval Escalation",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-04",
     "name": "Principal Accountability Binding",
     "requirement_id": "Google Cloud Audit Logs — Non-Repudiable Principal Binding",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-05",
     "name": "Multi-Party Approval Workflow",
     "requirement_id": "Google Cloud PAM Multi-Level Approval — Dual-Authorization Workflows",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-06",
     "name": "Emergency Override and Break-Glass",
     "requirement_id": "Google Cloud PAM Emergency Access — Justified Time-Bounded Break-Glass",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-07",
     "name": "Approval Record and Audit Trail",
     "requirement_id": "Google Cloud Audit Logs — Immutable Approval Event Records",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-08",
     "name": "Authority Scope Change Notification",
     "requirement_id": "Google Cloud Asset Inventory + Pub/Sub — Real-Time Policy Change Notification",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-01",
     "name": "Internal Policy Register for AI Deployments",
     "requirement_id": "Google Cloud Organization Policy Service — Centralized Machine-Readable Policy Register",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-02",
     "name": "Policy Version Control and Distribution",
     "requirement_id": "Google Cloud Organization Policy Dry-Run — Safe Policy Version Testing",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-03",
     "name": "Contractual Obligation Extraction",
     "requirement_id": "Google Assured Workloads — Regulatory Obligation Constraint Mapping",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-04",
     "name": "Contract Term Conflict Detection",
     "requirement_id": "Google Assured Workloads — Sovereign Compliance Conflict Detection",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PO-05",
     "name": "Data Use Policy Enforcement",
     "requirement_id": "Google Assured Workloads — Data Sovereignty and Use Restriction Enforcement",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-07",
     "name": "Third-Party Policy Requirements",
     "requirement_id": "Google Cloud Org Policy — Third-Party Integration Restriction",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-08",
     "name": "Policy Obligation Gap Analysis",
     "requirement_id": "Google Cloud Asset Inventory AnalyzeOrgPolicies — Constraint Coverage Gap Identification",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-01",
     "name": "AI Procurement Policy Integration",
     "requirement_id": "Google Cloud Marketplace + Org Policy — Approved AI Service Procurement",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-03",
     "name": "Vendor Qualification Enforcement",
     "requirement_id": "Google Assured Workloads — Compliance-Certified Service Restriction",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-04",
     "name": "Contract Review Gate Compliance",
     "requirement_id": "Google Cloud Security Foundations Blueprint — Pre-Deployment Constraint Verification",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-05",
     "name": "SLA Commitment Governance",
     "requirement_id": "Google Cloud SLA Terms + Assured Workloads — Commitment Enforcement",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PR-07",
     "name": "Contract Obligation Monitoring",
     "requirement_id": "Google Cloud Asset Inventory + Organization Policy — Ongoing Obligation Compliance Monitoring",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-08",
     "name": "Procurement Audit Trail",
     "requirement_id": "Google Cloud Admin Activity Audit Logs — Procurement Event Records",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-01",
     "name": "Policy Adherence Monitoring",
     "requirement_id": "Google Cloud Asset Inventory AnalyzeOrgPolicies + Policy Simulator — Policy Adherence Analysis",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-02",
     "name": "Authority Limit Monitoring",
     "requirement_id": "Google Cloud Organization Policy Monitoring — Authority Boundary Violation Detection",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-03",
     "name": "Contract Obligation Compliance Monitoring",
     "requirement_id": "Google Assured Workloads — Continuous Regulatory Contract Compliance Monitoring",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-04",
     "name": "Policy Incident Classification and Response",
     "requirement_id": "Google Cloud Security Command Center — Policy Violation Triage and Response",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-05",
     "name": "Knowledge Source Staleness Detection",
     "requirement_id": "Google Cloud Asset Inventory — Knowledge Resource Change Detection",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-07",
     "name": "Policy Governance Reporting",
     "requirement_id": "Google Cloud Organization Policy + Cloud Asset Inventory — Governance Reporting",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-08",
     "name": "Lessons Learned and Policy Improvement",
     "requirement_id": "Google Cloud IAM Recommender — Least-Privilege Policy Improvement Recommendations",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-03",
     "name": "Internal Audit Support Package",
     "requirement_id": "Google Cloud Audit Logs + Policy Analyzer — Internal Audit Evidence",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-04",
     "name": "Cross-Domain Policy Evidence Integration",
     "requirement_id": "Google Cloud Security Command Center — Cross-Domain Evidence Integration",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-07",
     "name": "Policy Governance Program Assessment",
     "requirement_id": "Google Cloud Custom Org Policy — Governance Program Coverage Assessment",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PV-02",
     "name": "Operating Intent Boundary Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-03",
     "name": "Intended Purpose Alignment Review",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-04",
     "name": "Authorized Knowledge Source Registry",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-05",
     "name": "Knowledge Source Version Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-06",
     "name": "Operating Context Change Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-08",
     "name": "Principal Intent vs. Agent Behavior Alignment",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-01",
     "name": "Delegation of Authority Integration",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-02",
     "name": "Approval Limit Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-03",
     "name": "Escalation Gate Design and Testing",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-04",
     "name": "Principal Accountability Binding",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-05",
     "name": "Multi-Party Approval Workflow",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-06",
     "name": "Emergency Override and Break-Glass",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-07",
     "name": "Approval Record and Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-08",
     "name": "Authority Scope Change Notification",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-01",
     "name": "Internal Policy Register for AI Deployments",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-02",
     "name": "Policy Version Control and Distribution",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-03",
     "name": "Contractual Obligation Extraction",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-04",
     "name": "Contract Term Conflict Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-05",
     "name": "Data Use Policy Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-07",
     "name": "Third-Party Policy Requirements",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PO-08",
     "name": "Policy Obligation Gap Analysis",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-01",
     "name": "AI Procurement Policy Integration",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-03",
     "name": "Vendor Qualification Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-04",
     "name": "Contract Review Gate Compliance",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-05",
     "name": "SLA Commitment Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-07",
     "name": "Contract Obligation Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-08",
     "name": "Procurement Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-01",
     "name": "Policy Adherence Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-02",
     "name": "Authority Limit Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-03",
     "name": "Contract Obligation Compliance Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-04",
     "name": "Policy Incident Classification and Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-05",
     "name": "Knowledge Source Staleness Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-07",
     "name": "Policy Governance Reporting",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-08",
     "name": "Lessons Learned and Policy Improvement",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-03",
     "name": "Internal Audit Support Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-04",
     "name": "Cross-Domain Policy Evidence Integration",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-07",
     "name": "Policy Governance Program Assessment",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "authority": 37
   },
   "title": "Google Cloud Organization Policy Service",
   "total": 74
  },
  {
   "source_id": "aws_privacy_data_governance_2024",
   "framework_refs": [
    {
     "domain": "privacy",
     "control": "DC-01",
     "name": "Personal Data Inventory",
     "requirement_id": "AWS Lake Formation Data Catalog",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DC-02",
     "name": "Special Category Data Classification",
     "requirement_id": "Amazon Macie Sensitive Data Discovery",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DC-06",
     "name": "Data Purpose Limitation Mapping",
     "requirement_id": "AWS Lake Formation Fine-Grained Access Control",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DC-07",
     "name": "Children's Data Controls",
     "requirement_id": "AWS Shared Responsibility Model — customer obligations for children's data",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DG-01",
     "name": "Data Processing Register",
     "requirement_id": "AWS Lake Formation and Glue Data Catalog — centralized governance registry",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DG-02",
     "name": "Data Processor Agreements",
     "requirement_id": "AWS Data Processing Addendum (GDPR DPA)",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DG-03",
     "name": "International Transfer Mechanism Registry",
     "requirement_id": "AWS GDPR compliance whitepaper — data transfer mechanisms",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DG-04",
     "name": "Transfer Impact Assessment",
     "requirement_id": "AWS data transfer resources — customer TIA support",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DG-05",
     "name": "DPIA Lifecycle Management",
     "requirement_id": "AWS GDPR compliance resources — customer DPIA support",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DG-06",
     "name": "Data Breach Response",
     "requirement_id": "AWS Security Incident Response Guide",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DG-07",
     "name": "Data Retention and Deletion Schedule",
     "requirement_id": "AWS data lifecycle management — S3 Lifecycle and RDS retention",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DG-08",
     "name": "Governance Evidence Archive",
     "requirement_id": "AWS CloudTrail — immutable governance logging",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DS-02",
     "name": "Identity Verification for Rights Requests",
     "requirement_id": "Amazon Cognito and AWS IAM — identity verification capabilities",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DS-08",
     "name": "Rights Request Evidence Log",
     "requirement_id": "AWS CloudTrail — API event logging",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DP-01",
     "name": "Encryption at Rest and in Transit",
     "requirement_id": "AWS KMS and S3 server-side encryption — AES-256 at rest, TLS in transit",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DP-02",
     "name": "Pseudonymization Implementation",
     "requirement_id": "AWS Glue DataBrew — PII masking and redaction transformations",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DP-03",
     "name": "Data Minimization Enforcement",
     "requirement_id": "AWS Lake Formation §Column/Row-Level Security for Minimization",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DP-05",
     "name": "Output PII Scrubbing",
     "requirement_id": "Amazon Comprehend — PII detection and redaction",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DP-06",
     "name": "Synthetic Data Governance",
     "requirement_id": "Amazon SageMaker Ground Truth — synthetic data generation",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "DP-08",
     "name": "Data Protection Evidence Log",
     "requirement_id": "AWS CloudTrail with S3 Object Lock — WORM evidence archive",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PM-01",
     "name": "Privacy Incident Detection",
     "requirement_id": "Amazon Macie — sensitive data discovery and anomaly findings",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PM-02",
     "name": "Cross-Context Inference Monitoring",
     "requirement_id": "Amazon SageMaker Model Monitor — data and model quality drift detection",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "PM-03",
     "name": "Purpose Creep Detection",
     "requirement_id": "AWS Config custom rules — configuration compliance checks",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PM-05",
     "name": "Inference Log Monitoring",
     "requirement_id": "Amazon SageMaker Model Monitor — inference quality monitoring",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "PM-06",
     "name": "Privacy Breach Notification Management",
     "requirement_id": "AWS Security Hub — findings aggregation and automated response",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PM-07",
     "name": "Third-Party Privacy Monitoring",
     "requirement_id": "AWS Marketplace Vendor Insights — third-party security and compliance profiles",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PM-08",
     "name": "Privacy Monitoring Evidence Archive",
     "requirement_id": "AWS CloudTrail with S3 Object Lock — WORM evidence archive",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PC-01",
     "name": "Regulatory Obligation Mapping",
     "requirement_id": "AWS Customer Compliance Center — regulatory resources",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PC-02",
     "name": "Privacy Certification Program",
     "requirement_id": "AWS ISO/IEC 42001 accredited certification — AI services",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PC-03",
     "name": "Jurisdiction-Specific Compliance Package",
     "requirement_id": "AWS Artifact — jurisdiction-organized compliance reports and agreements",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PC-04",
     "name": "Privacy Program Effectiveness Assessment",
     "requirement_id": "AWS Audit Manager — framework-based assessments",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PC-05",
     "name": "Privacy-by-Design Certification",
     "requirement_id": "AWS Well-Architected Machine Learning Lens — security and privacy best practices",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PC-06",
     "name": "AI Privacy Impact Assessment",
     "requirement_id": "AWS ISO/IEC 42001 certification — AI management system impact assessment practices",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PC-07",
     "name": "Privacy Governance Reporting",
     "requirement_id": "AWS Artifact — on-demand compliance reports",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PC-08",
     "name": "PrivacyAttestation [BASELINE]",
     "requirement_id": "AWS ISO/IEC 42001 certification and SOC 2 — vendor assurance artifacts",
     "fit": "supporting"
    }
   ],
   "source_refs": [
    {
     "domain": "privacy",
     "control": "DC-01",
     "name": "Personal Data Inventory",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DC-02",
     "name": "Special Category Data Classification",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DC-06",
     "name": "Data Purpose Limitation Mapping",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DC-07",
     "name": "Children's Data Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-01",
     "name": "Data Processing Register",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-02",
     "name": "Data Processor Agreements",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-03",
     "name": "International Transfer Mechanism Registry",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-04",
     "name": "Transfer Impact Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-05",
     "name": "DPIA Lifecycle Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-06",
     "name": "Data Breach Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-07",
     "name": "Data Retention and Deletion Schedule",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-08",
     "name": "Governance Evidence Archive",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DS-02",
     "name": "Identity Verification for Rights Requests",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DS-08",
     "name": "Rights Request Evidence Log",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DP-01",
     "name": "Encryption at Rest and in Transit",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DP-02",
     "name": "Pseudonymization Implementation",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DP-03",
     "name": "Data Minimization Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DP-05",
     "name": "Output PII Scrubbing",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DP-06",
     "name": "Synthetic Data Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DP-08",
     "name": "Data Protection Evidence Log",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PM-01",
     "name": "Privacy Incident Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PM-02",
     "name": "Cross-Context Inference Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PM-03",
     "name": "Purpose Creep Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PM-05",
     "name": "Inference Log Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PM-06",
     "name": "Privacy Breach Notification Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PM-07",
     "name": "Third-Party Privacy Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PM-08",
     "name": "Privacy Monitoring Evidence Archive",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-01",
     "name": "Regulatory Obligation Mapping",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-02",
     "name": "Privacy Certification Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-03",
     "name": "Jurisdiction-Specific Compliance Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-04",
     "name": "Privacy Program Effectiveness Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-05",
     "name": "Privacy-by-Design Certification",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-06",
     "name": "AI Privacy Impact Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-07",
     "name": "Privacy Governance Reporting",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-08",
     "name": "PrivacyAttestation [BASELINE]",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "privacy": 35
   },
   "title": "AWS Data Privacy (Data Privacy Center)",
   "total": 70
  },
  {
   "source_id": "owasp_llm10",
   "framework_refs": [
    {
     "domain": "security",
     "control": "EC-02",
     "name": "Filter the agent's outbound network traffic",
     "requirement_id": "LLM02:2025 Sensitive Information Disclosure",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-05",
     "name": "Cap spend and resource use, stop denial-of-wallet",
     "requirement_id": "LLM10:2025 Unbounded Consumption (no standalone agentic ASI category)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-06",
     "name": "Contain runaway loops and over-reach (least-agency)",
     "requirement_id": "LLM06:2025 Excessive Agency (least-agency posture)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-07",
     "name": "Trust-rank retrieved content before it enters the agent's context",
     "requirement_id": "LLM08:2025 Vector and Embedding Weaknesses",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-08",
     "name": "Keep secrets out of the prompt and context",
     "requirement_id": "LLM07:2025 System Prompt Leakage / secrets-in-context",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-10",
     "name": "Verify trigger provenance and admit autonomous runs",
     "requirement_id": "LLM06:2025 Excessive Agency (unbounded self-initiation)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-03",
     "name": "Verify skill/tool manifest integrity and sign the supply chain",
     "requirement_id": "LLM03:2025 Supply Chain",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-05",
     "name": "Encode and validate the agent's own output before it reaches other systems",
     "requirement_id": "LLM05:2025 Improper Output Handling",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-08",
     "name": "Enforce an instruction hierarchy so tool output cannot give the agent orders",
     "requirement_id": "LLM01:2025 Prompt Injection",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-10",
     "name": "Enable end-user responsibility and guard against automation bias",
     "requirement_id": "LLM06:2025 Excessive Agency",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-02",
     "name": "Detect direct and indirect prompt injection at every input and output",
     "requirement_id": "LLM01:2025 Prompt Injection",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-05",
     "name": "Apply data-loss prevention to agent egress and interactions",
     "requirement_id": "LLM02:2025 Sensitive Information Disclosure",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "AS-06",
     "name": "Verify model-weights and training-data provenance before load",
     "requirement_id": "LLM03:2025 Supply Chain; LLM04:2025 Data and Model Poisoning",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "LI-03",
     "name": "Supply Chain Integrity — Third-Party Model Verification and Cryptographic...",
     "requirement_id": "LLM03:2025",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "LI-07",
     "name": "Capability and Limitation Declaration — Intended Use, Constraints,...",
     "requirement_id": "LLM09:2025",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "LI-08",
     "name": "License and IP Governance — Dataset License Tracking, Derivative Work...",
     "requirement_id": "LLM03:2025",
     "fit": "adjacent"
    },
    {
     "domain": "model",
     "control": "TG-01",
     "name": "Training Data Quality Gates",
     "requirement_id": "LLM04:2025",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-02",
     "name": "Bias and Representativeness Assessment",
     "requirement_id": "LLM04:2025",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-03",
     "name": "Data Rights, Lawful Authority and Permitted Use",
     "requirement_id": "LLM03:2025",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-04",
     "name": "Data Poisoning Prevention",
     "requirement_id": "LLM04:2025",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-05",
     "name": "Train/Evaluation/Test Separation and Contamination Prevention",
     "requirement_id": "LLM04:2025",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-06",
     "name": "Sensitive-Data Necessity, Minimization and Controlled Use",
     "requirement_id": "LLM04:2025",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-07",
     "name": "Third-Party Dataset Governance",
     "requirement_id": "LLM03:2025",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-08",
     "name": "Dataset Retention, Deletion and Lifecycle",
     "requirement_id": "LLM04:2025",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-02",
     "name": "Fitness, Safety, Reliability and Policy-Conformance Evaluation",
     "requirement_id": "LLM09:2025",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-04",
     "name": "Adversarial Red-Team Testing",
     "requirement_id": "LLM01:2025",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-05",
     "name": "Fairness and Bias Evaluation",
     "requirement_id": "LLM09:2025",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-07",
     "name": "Regression Testing on Updates",
     "requirement_id": "LLM04:2025",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-06",
     "name": "Third-Party Model and Vendor Risk Oversight",
     "requirement_id": "LLM03:2025",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "OA-08",
     "name": "Notice, Explanation Support, Human Review and Contestability",
     "requirement_id": "LLM09:2025",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AA-01",
     "name": "Agent Identity Presentation at Tool Invocation",
     "requirement_id": "LLM06:2025 — Excessive Agency",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AA-05",
     "name": "Session Token Binding and Anti-Replay Controls",
     "requirement_id": "LLM06:2025 — Excessive Agency",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AA-06",
     "name": "Cross-System Authentication Chaining",
     "requirement_id": "LLM06:2025 — Excessive Agency",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-02",
     "name": "Tool-Call Authorization Policy",
     "requirement_id": "LLM06:2025 — Excessive Agency",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-04",
     "name": "Output Policy Enforcement",
     "requirement_id": "LLM02:2025 — Sensitive Information Disclosure",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-05",
     "name": "Prompt Injection Detection and Defense",
     "requirement_id": "LLM01:2025 — Prompt Injection",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-02",
     "name": "Tool Permission Scoping",
     "requirement_id": "LLM06:2025 — Excessive Agency",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-03",
     "name": "Tool Input Validation and Schema Enforcement",
     "requirement_id": "LLM01:2025 & LLM05:2025",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-04",
     "name": "Tool Output Sanitization and Integrity Verification",
     "requirement_id": "LLM05:2025 — Improper Output Handling",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-05",
     "name": "Dangerous and Irreversible Tool Access Controls",
     "requirement_id": "LLM06:2025 — Excessive Agency",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AO-01",
     "name": "Multi-Agent Trust Chain Documentation",
     "requirement_id": "LLM06:2025 — Excessive Agency",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AO-02",
     "name": "Sub-Agent Authorization and Capability Delegation",
     "requirement_id": "LLM06:2025 — Excessive Agency",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AO-03",
     "name": "Orchestration Message Integrity",
     "requirement_id": "LLM01:2025 — Prompt Injection",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AO-05",
     "name": "Orchestration Loop and Escalation Detection",
     "requirement_id": "LLM06:2025 — Excessive Agency",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AM-02",
     "name": "Anomalous Action Detection",
     "requirement_id": "LLM06:2025 — Excessive Agency",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-05",
     "name": "Multi-Agent Communication Monitoring",
     "requirement_id": "LLM06:2025 — Excessive Agency",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KR-09",
     "name": "Embedding and Vector-Store Integrity",
     "requirement_id": "LLM08:2025",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "security",
     "control": "EC-05",
     "name": "Cap spend and resource use, stop denial-of-wallet",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "EC-07",
     "name": "Trust-rank retrieved content before it enters the agent's context",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "EC-08",
     "name": "Keep secrets out of the prompt and context",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-03",
     "name": "Verify skill/tool manifest integrity and sign the supply chain",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-05",
     "name": "Encode and validate the agent's own output before it reaches other systems",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-08",
     "name": "Enforce an instruction hierarchy so tool output cannot give the agent orders",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "RT-02",
     "name": "Detect direct and indirect prompt injection at every input and output",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "AS-06",
     "name": "Verify model-weights and training-data provenance before load",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "LI-03",
     "name": "Supply Chain Integrity — Third-Party Model Verification and Cryptographic...",
     "relationship": "informative_reference"
    },
    {
     "domain": "model",
     "control": "TG-04",
     "name": "Data Poisoning Prevention",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "TG-07",
     "name": "Third-Party Dataset Governance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-02",
     "name": "Fitness, Safety, Reliability and Policy-Conformance Evaluation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-04",
     "name": "Adversarial Red-Team Testing",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-07",
     "name": "Regression Testing on Updates",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "OA-06",
     "name": "Third-Party Model and Vendor Risk Oversight",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "OA-08",
     "name": "Notice, Explanation Support, Human Review and Contestability",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-06",
     "name": "Injection-Resistance Evaluation in Production",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-07",
     "name": "Resource and Cost Anomaly Monitoring",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-09",
     "name": "Synthetic-Content Provenance, Disclosure and Traceability",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "BH-10",
     "name": "Feedback Loop Integrity and Online Learning Governance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KR-09",
     "name": "Embedding and Vector-Store Integrity",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {
    "security": 13,
    "model": 17,
    "agentic": 16,
    "knowledge": 1
   },
   "title": "OWASP LLM Top 10 2025",
   "total": 68
  },
  {
   "source_id": "iso_27701",
   "framework_refs": [
    {
     "domain": "privacy",
     "control": "DC-01",
     "name": "Personal Data Inventory",
     "requirement_id": "7.2.8",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DC-06",
     "name": "Data Purpose Limitation Mapping",
     "requirement_id": "7.2",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DC-08",
     "name": "Consent Change Propagation",
     "requirement_id": "7.3.7",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DC-09",
     "name": "Data Collection Layer Evidence Package",
     "requirement_id": "7.3",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DG-01",
     "name": "Data Processing Register",
     "requirement_id": "7.2.1",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DG-02",
     "name": "Data Processor Agreements",
     "requirement_id": "8.2",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DG-06",
     "name": "Data Breach Response",
     "requirement_id": "6.13",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DG-07",
     "name": "Data Retention and Deletion Schedule",
     "requirement_id": "7.4.7",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DG-08",
     "name": "Governance Evidence Archive",
     "requirement_id": "7.2.1",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DS-04",
     "name": "Erasure and Anonymization",
     "requirement_id": "8.3",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DS-08",
     "name": "Rights Request Evidence Log",
     "requirement_id": "7.3.9",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DP-01",
     "name": "Encryption at Rest and in Transit",
     "requirement_id": "6.7",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DP-02",
     "name": "Pseudonymization Implementation",
     "requirement_id": "7.4.4",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DP-03",
     "name": "Data Minimization Enforcement",
     "requirement_id": "7.4.1",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DP-08",
     "name": "Data Protection Evidence Log",
     "requirement_id": "6.9.4",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PM-03",
     "name": "Purpose Creep Detection",
     "requirement_id": "7.2.2",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PM-04",
     "name": "Consent State Consistency Monitoring",
     "requirement_id": "7.2.4",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PM-07",
     "name": "Third-Party Privacy Monitoring",
     "requirement_id": "8.5.6-8.5.8",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PM-08",
     "name": "Privacy Monitoring Evidence Archive",
     "requirement_id": "7.2.8",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PC-02",
     "name": "Privacy Certification Program",
     "requirement_id": "PIMS certification (standard as a whole)",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PC-04",
     "name": "Privacy Program Effectiveness Assessment",
     "requirement_id": "5.7.1",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PC-07",
     "name": "Privacy Governance Reporting",
     "requirement_id": "5.7.3",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PC-08",
     "name": "PrivacyAttestation [BASELINE]",
     "requirement_id": "5.8.2",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DX-04",
     "name": "Cross-Border Data Transfer Controls",
     "requirement_id": "§7.5.3",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DX-05",
     "name": "Third-Party Data Sharing Agreements and Controls",
     "requirement_id": "§7.5",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DX-06",
     "name": "Data Exchange Audit Trail",
     "requirement_id": "§8.2.6",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DX-07",
     "name": "Data Exchange Security Controls",
     "requirement_id": "§7.4.9",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-06",
     "name": "Model Memorization Risk Assessment and Output Leakage Prevention",
     "requirement_id": "§7.2.5",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DM-02",
     "name": "Data Classification and Sensitivity Tagging at Rest",
     "requirement_id": "§6.5.2.1",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-03",
     "name": "Data Retention and Disposal Governance",
     "requirement_id": "§7.4.5",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-03",
     "name": "Inference-Time Data Lineage (Per-Decision Provenance)",
     "requirement_id": "§7.2.8",
     "fit": "adjacent"
    },
    {
     "domain": "data",
     "control": "DL-06",
     "name": "Data Lineage for Regulatory and Legal Purposes",
     "requirement_id": "§7.2.8",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-08",
     "name": "Data Lineage Evidence Package",
     "requirement_id": "§7.2.8",
     "fit": "adjacent"
    },
    {
     "domain": "data",
     "control": "DA-02",
     "name": "Data Minimization Implementation for AI",
     "requirement_id": "§7.4.4",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-03",
     "name": "Consent-Based Data Access Controls",
     "requirement_id": "§7.2.3",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-04",
     "name": "Privileged Data Access Monitoring",
     "requirement_id": "§6.9.4",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-06",
     "name": "Cross-Border Data Access Jurisdiction Controls",
     "requirement_id": "§7.5.1",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-07",
     "name": "Emergency AI Data Access Procedures",
     "requirement_id": "§6.9.4",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "privacy",
     "control": "DC-01",
     "name": "Personal Data Inventory",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DC-06",
     "name": "Data Purpose Limitation Mapping",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DC-08",
     "name": "Consent Change Propagation",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DC-09",
     "name": "Data Collection Layer Evidence Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DG-01",
     "name": "Data Processing Register",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DG-02",
     "name": "Data Processor Agreements",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DG-06",
     "name": "Data Breach Response",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DG-07",
     "name": "Data Retention and Deletion Schedule",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DG-08",
     "name": "Governance Evidence Archive",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DS-04",
     "name": "Erasure and Anonymization",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DS-08",
     "name": "Rights Request Evidence Log",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DP-01",
     "name": "Encryption at Rest and in Transit",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DP-02",
     "name": "Pseudonymization Implementation",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DP-03",
     "name": "Data Minimization Enforcement",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DP-08",
     "name": "Data Protection Evidence Log",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PM-03",
     "name": "Purpose Creep Detection",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PM-04",
     "name": "Consent State Consistency Monitoring",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PM-07",
     "name": "Third-Party Privacy Monitoring",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PM-08",
     "name": "Privacy Monitoring Evidence Archive",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PC-02",
     "name": "Privacy Certification Program",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PC-04",
     "name": "Privacy Program Effectiveness Assessment",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PC-07",
     "name": "Privacy Governance Reporting",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PC-08",
     "name": "PrivacyAttestation [BASELINE]",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DM-03",
     "name": "Data Retention and Disposal Governance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "data",
     "control": "DL-03",
     "name": "Inference-Time Data Lineage (Per-Decision Provenance)",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "data",
     "control": "DL-06",
     "name": "Data Lineage for Regulatory and Legal Purposes",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "data",
     "control": "DL-08",
     "name": "Data Lineage Evidence Package",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "data",
     "control": "DA-02",
     "name": "Data Minimization Implementation for AI",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "data",
     "control": "DA-06",
     "name": "Cross-Border Data Access Jurisdiction Controls",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "data",
     "control": "DA-07",
     "name": "Emergency AI Data Access Procedures",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {
    "privacy": 23,
    "data": 15
   },
   "title": "ISO/IEC 27701:2019",
   "total": 68
  },
  {
   "source_id": "nist_800_53",
   "framework_refs": [
    {
     "domain": "security",
     "control": "EC-12",
     "name": "AI Serving-Stack Vulnerability Management",
     "requirement_id": "RA-5 — Vulnerability Monitoring and Scanning",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-12",
     "name": "AI Serving-Stack Vulnerability Management",
     "requirement_id": "SI-2 — Flaw Remediation",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-12",
     "name": "AI Serving-Stack Vulnerability Management",
     "requirement_id": "SI-2(3) — Time to Remediate Flaws and Benchmarks for Corrective Actions",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-01",
     "name": "Compliance Control Testing Program",
     "requirement_id": "CA-2",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-01",
     "name": "Compliance Control Testing Program",
     "requirement_id": "CA-7",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PV-05",
     "name": "Knowledge Source Version Governance",
     "requirement_id": "CM-3 — Configuration Change Control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-08",
     "name": "Principal Intent vs. Agent Behavior Alignment",
     "requirement_id": "SI-7 — Software, Firmware, and Information Integrity",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PA-01",
     "name": "Delegation of Authority Integration",
     "requirement_id": "AC-5 — Separation of Duties",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-02",
     "name": "Approval Limit Enforcement",
     "requirement_id": "AC-5 — Separation of Duties",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PA-03",
     "name": "Escalation Gate Design and Testing",
     "requirement_id": "IR-4 — Incident Handling",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PA-05",
     "name": "Multi-Party Approval Workflow",
     "requirement_id": "AC-5 — Separation of Duties",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PA-06",
     "name": "Emergency Override and Break-Glass",
     "requirement_id": "IR-4 — Incident Handling",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-07",
     "name": "Approval Record and Audit Trail",
     "requirement_id": "AU-12 — Audit Record Generation",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PO-01",
     "name": "Internal Policy Register for AI Deployments",
     "requirement_id": "PL-1 — Policy and Procedures",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-02",
     "name": "Policy Version Control and Distribution",
     "requirement_id": "CM-3 — Configuration Change Control",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-03",
     "name": "Contractual Obligation Extraction",
     "requirement_id": "SA-4 — Acquisition Process",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-04",
     "name": "Contract Term Conflict Detection",
     "requirement_id": "SA-4 — Acquisition Process",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-05",
     "name": "Data Use Policy Enforcement",
     "requirement_id": "AC-23 — Data Mining Protection",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PO-06",
     "name": "Communication and Commitment Policy",
     "requirement_id": "AC-5 — Separation of Duties",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PO-07",
     "name": "Third-Party Policy Requirements",
     "requirement_id": "SA-9 — External System Services",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PO-08",
     "name": "Policy Obligation Gap Analysis",
     "requirement_id": "CA-7 — Continuous Monitoring",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-01",
     "name": "AI Procurement Policy Integration",
     "requirement_id": "SA-4 — Acquisition Process",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-02",
     "name": "AI-Initiated Commitment Controls",
     "requirement_id": "AC-5 — Separation of Duties",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-03",
     "name": "Vendor Qualification Enforcement",
     "requirement_id": "SA-9 — External System Services",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-04",
     "name": "Contract Review Gate Compliance",
     "requirement_id": "SA-4 — Acquisition Process",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-05",
     "name": "SLA Commitment Governance",
     "requirement_id": "SA-4 — Acquisition Process",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-06",
     "name": "AI in Contract Negotiation Controls",
     "requirement_id": "SA-4 — Acquisition Process",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-07",
     "name": "Contract Obligation Monitoring",
     "requirement_id": "SA-9 — External System Services",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-08",
     "name": "Procurement Audit Trail",
     "requirement_id": "AU-12 — Audit Record Generation",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PG-02",
     "name": "Authority Limit Monitoring",
     "requirement_id": "AU-6 — Audit Record Review, Analysis, and Reporting",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-03",
     "name": "Contract Obligation Compliance Monitoring",
     "requirement_id": "SA-9 — External System Services",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-04",
     "name": "Policy Incident Classification and Response",
     "requirement_id": "IR-4 — Incident Handling",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PG-05",
     "name": "Knowledge Source Staleness Detection",
     "requirement_id": "CM-3 — Configuration Change Control",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PG-06",
     "name": "Operating Intent Drift Detection",
     "requirement_id": "SI-7 — Software, Firmware, and Information Integrity",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PE-01",
     "name": "Policy Evidence Archive",
     "requirement_id": "AU-11 — Audit Record Retention",
     "fit": "direct"
    },
    {
     "domain": "authority",
     "control": "PE-03",
     "name": "Internal Audit Support Package",
     "requirement_id": "CA-7 — Continuous Monitoring",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PE-05",
     "name": "Contract Audit Trail",
     "requirement_id": "AU-12 — Audit Record Generation",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "security",
     "control": "EC-12",
     "name": "AI Serving-Stack Vulnerability Management",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "authority",
     "control": "PV-05",
     "name": "Knowledge Source Version Governance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PV-08",
     "name": "Principal Intent vs. Agent Behavior Alignment",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PA-01",
     "name": "Delegation of Authority Integration",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PA-03",
     "name": "Escalation Gate Design and Testing",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PA-05",
     "name": "Multi-Party Approval Workflow",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PA-06",
     "name": "Emergency Override and Break-Glass",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PA-07",
     "name": "Approval Record and Audit Trail",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PO-02",
     "name": "Policy Version Control and Distribution",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PO-03",
     "name": "Contractual Obligation Extraction",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PO-04",
     "name": "Contract Term Conflict Detection",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PO-05",
     "name": "Data Use Policy Enforcement",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PO-07",
     "name": "Third-Party Policy Requirements",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PO-08",
     "name": "Policy Obligation Gap Analysis",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PR-01",
     "name": "AI Procurement Policy Integration",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PR-02",
     "name": "AI-Initiated Commitment Controls",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PR-03",
     "name": "Vendor Qualification Enforcement",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PR-04",
     "name": "Contract Review Gate Compliance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PR-05",
     "name": "SLA Commitment Governance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PR-06",
     "name": "AI in Contract Negotiation Controls",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PR-07",
     "name": "Contract Obligation Monitoring",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PR-08",
     "name": "Procurement Audit Trail",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PG-02",
     "name": "Authority Limit Monitoring",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PG-03",
     "name": "Contract Obligation Compliance Monitoring",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PG-04",
     "name": "Policy Incident Classification and Response",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PG-05",
     "name": "Knowledge Source Staleness Detection",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PG-06",
     "name": "Operating Intent Drift Detection",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PE-01",
     "name": "Policy Evidence Archive",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PE-03",
     "name": "Internal Audit Support Package",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PE-05",
     "name": "Contract Audit Trail",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {
    "security": 3,
    "compliance": 2,
    "authority": 32
   },
   "title": "NIST SP 800-53 Rev 5",
   "total": 67
  },
  {
   "source_id": "aws_artifact_compliance_2024",
   "framework_refs": [
    {
     "domain": "compliance",
     "control": "CA-01",
     "name": "Regulatory Scope Determination",
     "requirement_id": "AWS security posture documentation",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "CA-02",
     "name": "Compliance Framework Selection and Mapping",
     "requirement_id": "Third-party audit report",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-04",
     "name": "Design-Time Compliance Classification",
     "requirement_id": "AWS security posture documentation",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-05",
     "name": "Regulatory Change Management",
     "requirement_id": "Compliance report access",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "CA-07",
     "name": "Third-Party and Supply Chain Compliance Obligations",
     "requirement_id": "Third-party audit report",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-08",
     "name": "Compliance Architecture Evidence Package",
     "requirement_id": "Compliance report access",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-01",
     "name": "Obligation Register",
     "requirement_id": "Compliance report access",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-04",
     "name": "EU AI Act Conformity Assessment Obligation Management",
     "requirement_id": "Third-party audit report",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "OB-05",
     "name": "DORA ICT Obligation Tracking",
     "requirement_id": "Compliance report access",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "OB-06",
     "name": "Contractual AI Obligation Management",
     "requirement_id": "Artifact agreement",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-07",
     "name": "Obligation Fulfillment Verification",
     "requirement_id": "Third-party audit report",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-08",
     "name": "Obligations Evidence Package",
     "requirement_id": "Third-party audit report",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "RF-03",
     "name": "EU AI Act Technical Documentation Package (Art. 11)",
     "requirement_id": "Third-party audit report",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "RF-05",
     "name": "FedRAMP Authorization Support for AI Systems",
     "requirement_id": "FedRAMP High Package",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-06",
     "name": "SOC 2 AI-Specific Evidence Production",
     "requirement_id": "Third-party audit report",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-04",
     "name": "Compliance Tooling Implementation",
     "requirement_id": "Compliance report access",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CI-06",
     "name": "Internal Audit of AI Compliance Controls",
     "requirement_id": "Third-party audit report",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CI-08",
     "name": "Compliance Implementation Evidence Package",
     "requirement_id": "Third-party audit report",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-01",
     "name": "Audit Readiness Program",
     "requirement_id": "Compliance report access",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-02",
     "name": "Evidence Collection, Curation, and Validation",
     "requirement_id": "Third-party audit report",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-03",
     "name": "Auditor Access and Cooperation Protocols",
     "requirement_id": "Artifact agreement",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "AU-04",
     "name": "Audit Trail Integrity",
     "requirement_id": "Third-party audit report",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-05",
     "name": "Regulatory Examination Response Program",
     "requirement_id": "Compliance report access",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-07",
     "name": "Multi-Framework Evidence Reuse",
     "requirement_id": "Compliance report access",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-08",
     "name": "ComplianceAttestation Production",
     "requirement_id": "Compliance Reports",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "CG-02",
     "name": "Compliance Policy Framework for AI",
     "requirement_id": "Compliance report access",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-05",
     "name": "Compliance Program Resourcing",
     "requirement_id": "Compliance report access",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-06",
     "name": "Compliance Incident Response",
     "requirement_id": "AWS security posture documentation",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-08",
     "name": "Compliance Governance Evidence Package",
     "requirement_id": "Third-party audit report",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "compliance",
     "control": "CA-01",
     "name": "Regulatory Scope Determination",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-02",
     "name": "Compliance Framework Selection and Mapping",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-04",
     "name": "Design-Time Compliance Classification",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-05",
     "name": "Regulatory Change Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-07",
     "name": "Third-Party and Supply Chain Compliance Obligations",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-08",
     "name": "Compliance Architecture Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-01",
     "name": "Obligation Register",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-04",
     "name": "EU AI Act Conformity Assessment Obligation Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-05",
     "name": "DORA ICT Obligation Tracking",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-06",
     "name": "Contractual AI Obligation Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-07",
     "name": "Obligation Fulfillment Verification",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-08",
     "name": "Obligations Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-03",
     "name": "EU AI Act Technical Documentation Package (Art. 11)",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-05",
     "name": "FedRAMP Authorization Support for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-06",
     "name": "SOC 2 AI-Specific Evidence Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-08",
     "name": "Regulatory Framework Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CI-04",
     "name": "Compliance Tooling Implementation",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CI-06",
     "name": "Internal Audit of AI Compliance Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CI-08",
     "name": "Compliance Implementation Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-01",
     "name": "Audit Readiness Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-02",
     "name": "Evidence Collection, Curation, and Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-03",
     "name": "Auditor Access and Cooperation Protocols",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-04",
     "name": "Audit Trail Integrity",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-05",
     "name": "Regulatory Examination Response Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-07",
     "name": "Multi-Framework Evidence Reuse",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-08",
     "name": "ComplianceAttestation Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-02",
     "name": "Compliance Policy Framework for AI",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-05",
     "name": "Compliance Program Resourcing",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-06",
     "name": "Compliance Incident Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-08",
     "name": "Compliance Governance Evidence Package",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "compliance": 29
   },
   "title": "AWS Artifact (Compliance Reports)",
   "total": 59
  },
  {
   "source_id": "soc2",
   "framework_refs": [
    {
     "domain": "compliance",
     "control": "CA-02",
     "name": "Compliance Framework Selection and Mapping",
     "requirement_id": "CC1.1",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-03",
     "name": "Cross-Domain Evidence Routing",
     "requirement_id": "CC4.1",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-06",
     "name": "Compliance Obligation Gap Analysis",
     "requirement_id": "CC4.2",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-07",
     "name": "Third-Party and Supply Chain Compliance Obligations",
     "requirement_id": "CC9.2",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-08",
     "name": "Compliance Architecture Evidence Package",
     "requirement_id": "CC5.3",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-01",
     "name": "Obligation Register",
     "requirement_id": "CC2.1",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-02",
     "name": "Obligation Owner Assignment",
     "requirement_id": "CC1.3",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-03",
     "name": "Obligation Due Date and Milestone Tracking",
     "requirement_id": "CC4.1",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-05",
     "name": "DORA ICT Obligation Tracking",
     "requirement_id": "A1.2",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-06",
     "name": "Contractual AI Obligation Management",
     "requirement_id": "CC9.2",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-07",
     "name": "Obligation Fulfillment Verification",
     "requirement_id": "CC4.2",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-08",
     "name": "Obligations Evidence Package",
     "requirement_id": "CC4.1",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-06",
     "name": "SOC 2 AI-Specific Evidence Production",
     "requirement_id": "CC6.1, CC7.1, CC9.2",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-01",
     "name": "Compliance Control Testing Program",
     "requirement_id": "CC4.1, CC4.2",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-04",
     "name": "Compliance Tooling Implementation",
     "requirement_id": "CC4.2",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-05",
     "name": "Compliance Training and Awareness Program",
     "requirement_id": "CC1.4",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CI-06",
     "name": "Internal Audit of AI Compliance Controls",
     "requirement_id": "CC4.2",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-07",
     "name": "Remediation Tracking and Closure",
     "requirement_id": "CC4.2",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-08",
     "name": "Compliance Implementation Evidence Package",
     "requirement_id": "CC2.2",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-01",
     "name": "Audit Readiness Program",
     "requirement_id": "CC4.1",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-02",
     "name": "Evidence Collection, Curation, and Validation",
     "requirement_id": "CC2.2",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-03",
     "name": "Auditor Access and Cooperation Protocols",
     "requirement_id": "CC2.3",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-04",
     "name": "Audit Trail Integrity",
     "requirement_id": "CC7.2",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-06",
     "name": "Audit Finding Remediation Program",
     "requirement_id": "CC4.2",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-07",
     "name": "Multi-Framework Evidence Reuse",
     "requirement_id": "CC1.5",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-08",
     "name": "ComplianceAttestation Production",
     "requirement_id": "CC2.2",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-03",
     "name": "Senior and Board-Level Accountability for AI Compliance",
     "requirement_id": "CC1.1",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-04",
     "name": "Compliance Risk Appetite Definition",
     "requirement_id": "CC3.2",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-05",
     "name": "Compliance Program Resourcing",
     "requirement_id": "CC1.4",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-07",
     "name": "Compliance Program Metrics and KPIs",
     "requirement_id": "CC4.1 and CC4.2",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-08",
     "name": "Compliance Governance Evidence Package",
     "requirement_id": "CC4.1",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-05",
     "name": "Ongoing Model Risk Monitoring",
     "requirement_id": "CC7.2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-08",
     "name": "Model Risk Evidence Package",
     "requirement_id": "CC4.1",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-03",
     "name": "Outcome Analysis and Backtesting",
     "requirement_id": "CC7.2",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MV-05",
     "name": "Validation Frequency and Trigger-Based Review",
     "requirement_id": "CC4.1",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-08",
     "name": "Model Validation Evidence Package",
     "requirement_id": "CC2.2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-05",
     "name": "Financial Consumer Notification and Rights",
     "requirement_id": "P1.1",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FD-06",
     "name": "AI System Disclosure in Financial Filings",
     "requirement_id": "CC2.3",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-08",
     "name": "Financial Disclosure Evidence Package",
     "requirement_id": "CC4.1",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-03",
     "name": "Reconciliation Controls for AI-Influenced Financial Outputs",
     "requirement_id": "CC6.1, CC7.2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-06",
     "name": "AI Operational Error and Financial Exception Management",
     "requirement_id": "CC7.4, CC7.5",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-07",
     "name": "Financial Data Integrity Monitoring",
     "requirement_id": "CC6.6, CC6.7, CC7.2",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-08",
     "name": "Financial Controls Evidence Package",
     "requirement_id": "CC4.1, CC4.2",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FP-04",
     "name": "AI Procurement and Vendor Management Policy for Finance",
     "requirement_id": "CC9.2",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FP-05",
     "name": "Data Governance Policy for Financial AI",
     "requirement_id": "PI1.1",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-08",
     "name": "Financial Policy Evidence Package",
     "requirement_id": "CC2.2 & CC4.1",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-05",
     "name": "Finance AI Incident Response Integration",
     "requirement_id": "CC7.3",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-08",
     "name": "FinanceAttestation Production",
     "requirement_id": "CC2.2",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-07",
     "name": "Approval Record and Audit Trail",
     "requirement_id": "CC7.2 — The entity monitors system components for anomalies",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PR-05",
     "name": "SLA Commitment Governance",
     "requirement_id": "A1.1 — Capacity management and monitoring",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PR-08",
     "name": "Procurement Audit Trail",
     "requirement_id": "CC7.2 — Detection and Monitoring",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PE-02",
     "name": "Regulatory Disclosure Readiness",
     "requirement_id": "CC2.3 / CC7.4 — External communication and incident response obligations",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-03",
     "name": "Internal Audit Support Package",
     "requirement_id": "CC4.1 — COSO Principle 16 — ongoing and/or separate evaluations",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-05",
     "name": "Contract Audit Trail",
     "requirement_id": "CC7.2 — Monitoring of system components",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PE-06",
     "name": "Board and Senior Management Policy Reporting",
     "requirement_id": "CC2.3 — Communicates with external parties",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PE-08",
     "name": "Policy Attestation",
     "requirement_id": "CC3.1 — COSO Principle 6 — Specifies suitable objectives",
     "fit": "adjacent"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "compliance": 31,
    "finance": 17,
    "authority": 8
   },
   "title": "SOC 2 TSC",
   "total": 56
  },
  {
   "source_id": "okta_identity_governance_2025",
   "framework_refs": [
    {
     "domain": "compliance",
     "control": "CA-03",
     "name": "Cross-Domain Evidence Routing",
     "requirement_id": "Audit reporting",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-06",
     "name": "Compliance Obligation Gap Analysis",
     "requirement_id": "Access certification",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-07",
     "name": "Third-Party and Supply Chain Compliance Obligations",
     "requirement_id": "Entitlement Management",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-02",
     "name": "Obligation Owner Assignment",
     "requirement_id": "Entitlement Management",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-03",
     "name": "Obligation Due Date and Milestone Tracking",
     "requirement_id": "Access certification",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "OB-05",
     "name": "DORA ICT Obligation Tracking",
     "requirement_id": "Audit reporting",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "OB-06",
     "name": "Contractual AI Obligation Management",
     "requirement_id": "Entitlement Management",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "OB-07",
     "name": "Obligation Fulfillment Verification",
     "requirement_id": "Access certification",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-08",
     "name": "Obligations Evidence Package",
     "requirement_id": "Audit reporting",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "RF-05",
     "name": "FedRAMP Authorization Support for AI Systems",
     "requirement_id": "Access certification",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-06",
     "name": "SOC 2 AI-Specific Evidence Production",
     "requirement_id": "Audit reporting",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-06",
     "name": "Internal Audit of AI Compliance Controls",
     "requirement_id": "Audit reporting",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CI-07",
     "name": "Remediation Tracking and Closure",
     "requirement_id": "Workflows",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "AU-02",
     "name": "Evidence Collection, Curation, and Validation",
     "requirement_id": "Audit reporting",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-03",
     "name": "Auditor Access and Cooperation Protocols",
     "requirement_id": "Access Requests",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-04",
     "name": "Audit Trail Integrity",
     "requirement_id": "Audit reporting",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-06",
     "name": "Audit Finding Remediation Program",
     "requirement_id": "Access certification",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-07",
     "name": "Multi-Framework Evidence Reuse",
     "requirement_id": "Audit reporting",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-08",
     "name": "ComplianceAttestation Production",
     "requirement_id": "Audit reporting",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-01",
     "name": "Compliance Governance Structure",
     "requirement_id": "Entitlement Management",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-02",
     "name": "Compliance Policy Framework for AI",
     "requirement_id": "Workflows",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-03",
     "name": "Senior and Board-Level Accountability for AI Compliance",
     "requirement_id": "Audit reporting",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-04",
     "name": "Compliance Risk Appetite Definition",
     "requirement_id": "Access Certifications",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-05",
     "name": "Compliance Program Resourcing",
     "requirement_id": "Access certification",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-06",
     "name": "Compliance Incident Response",
     "requirement_id": "Audit reporting",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-07",
     "name": "Compliance Program Metrics and KPIs",
     "requirement_id": "Audit reporting",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-08",
     "name": "Compliance Governance Evidence Package",
     "requirement_id": "Access certification",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "compliance",
     "control": "CA-03",
     "name": "Cross-Domain Evidence Routing",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-06",
     "name": "Compliance Obligation Gap Analysis",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-07",
     "name": "Third-Party and Supply Chain Compliance Obligations",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-02",
     "name": "Obligation Owner Assignment",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-03",
     "name": "Obligation Due Date and Milestone Tracking",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-05",
     "name": "DORA ICT Obligation Tracking",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-06",
     "name": "Contractual AI Obligation Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-07",
     "name": "Obligation Fulfillment Verification",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-08",
     "name": "Obligations Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-05",
     "name": "FedRAMP Authorization Support for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-06",
     "name": "SOC 2 AI-Specific Evidence Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CI-02",
     "name": "Continuous Compliance Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CI-06",
     "name": "Internal Audit of AI Compliance Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CI-07",
     "name": "Remediation Tracking and Closure",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-02",
     "name": "Evidence Collection, Curation, and Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-03",
     "name": "Auditor Access and Cooperation Protocols",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-04",
     "name": "Audit Trail Integrity",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-06",
     "name": "Audit Finding Remediation Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-07",
     "name": "Multi-Framework Evidence Reuse",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-08",
     "name": "ComplianceAttestation Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-01",
     "name": "Compliance Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-02",
     "name": "Compliance Policy Framework for AI",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-03",
     "name": "Senior and Board-Level Accountability for AI Compliance",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-04",
     "name": "Compliance Risk Appetite Definition",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-05",
     "name": "Compliance Program Resourcing",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-06",
     "name": "Compliance Incident Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-07",
     "name": "Compliance Program Metrics and KPIs",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-08",
     "name": "Compliance Governance Evidence Package",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "compliance": 27
   },
   "title": "Okta Identity Governance",
   "total": 55
  },
  {
   "source_id": "imda_mgf",
   "framework_refs": [
    {
     "domain": "security",
     "control": "IA-01",
     "name": "Give every agent its own distinct identity, never a shared or human login",
     "requirement_id": "§2.1.2 (robust identity & permissions framework); §2.2.1 (per-agent identity tokens)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "requirement_id": "§2.2.1 (scoped API keys); §2.1.2 (least-privilege permissions)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "IA-03",
     "name": "Act on the user's behalf with explicit approval for sensitive steps",
     "requirement_id": "§2.2.2 (human approval at significant checkpoints); §2.1.2 (agent limits)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "IA-04",
     "name": "Check permission continuously at run time, not just once at login",
     "requirement_id": "§2.3.1 (runtime controls; access controls enforced at the tool layer)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "IA-05",
     "name": "Find and inventory every agent, surface the shadow ones",
     "requirement_id": "§2.2.1 (maintain sufficient visibility & control over agents)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "IA-06",
     "name": "Bind a signed, end-to-end provenance chain to every agent action",
     "requirement_id": "§2.3.3 (complete audit trails); §2.2.1 (accountability across the value chain)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-01",
     "name": "Run the agent in a sandbox, from process isolation up to micro-VMs",
     "requirement_id": "§2.1.2 (self-contained environments for high-risk tasks); §2.3.1 (sandbox code execution)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-02",
     "name": "Filter the agent's outbound network traffic",
     "requirement_id": "§2.1.2 (limit agent network access)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-03",
     "name": "Keep memory short-lived, and validate anything written to it",
     "requirement_id": "§2.3.1 (limit shared memory access); §2.1.1 (memory-poisoning threat modelling)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-04",
     "name": "Limit filesystem and tool access to the bare minimum",
     "requirement_id": "§2.1.2 (least-privilege tool/data access); §2.3.1 (Tools)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-05",
     "name": "Cap spend and resource use, stop denial-of-wallet",
     "requirement_id": "§2.3.1 (runtime rate limits on tool use)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-06",
     "name": "Contain runaway loops and over-reach (least-agency)",
     "requirement_id": "§2.1.2 (bound autonomy via SOPs); §2.3.1 (runtime rate limits)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-07",
     "name": "Trust-rank retrieved content before it enters the agent's context",
     "requirement_id": "§2.1.1 (taint tracing of untrusted data); §2.3.1 (input validation)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-08",
     "name": "Keep secrets out of the prompt and context",
     "requirement_id": "§2.3.1 (separate sensitive data from agent context; user takeover for credentials)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-09",
     "name": "Treat the workspace and its config and hooks as untrusted",
     "requirement_id": "§2.3.1 (tighten permissive-by-default configuration); §2.1.1 (third-party skill supply-chain risk)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "EC-10",
     "name": "Verify trigger provenance and admit autonomous runs",
     "requirement_id": "§2.1.1 (determine suitable use cases; bound how agents are triggered)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "PT-01",
     "name": "Authenticate and sign agent-to-agent communication",
     "requirement_id": "§2.3.1 (Multi-agent: communicate via structured schemas, not free text)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "requirement_id": "§2.3.1 (MCP: whitelist trusted servers; MCP as a governance layer)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-03",
     "name": "Verify skill/tool manifest integrity and sign the supply chain",
     "requirement_id": "§2.1.1 (third-party skill supply-chain risk)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "PT-04",
     "name": "Validate tool input/output, treat tool results as untrusted",
     "requirement_id": "§2.3.1 (runtime input validation of tool responses)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-05",
     "name": "Encode and validate the agent's own output before it reaches other systems",
     "requirement_id": "§2.3.1 (validate outputs before they are acted upon)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "PT-06",
     "name": "Sanitize model-generated tool parameters, not just the schema",
     "requirement_id": "§2.3.1 (Tools: require strict input formats)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-07",
     "name": "Verify tool descriptions for hidden instructions (description injection)",
     "requirement_id": "§2.3.1 (MCP: whitelist trusted servers, sandbox code execution); §2.2.2 (first-use trust verification for newly connected MCP servers — CodeBuddy case study)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "PT-08",
     "name": "Enforce an instruction hierarchy so tool output cannot give the agent orders",
     "requirement_id": "§2.3.1 (structural / system-level safeguards over prompt-layer)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-01",
     "name": "Require a human hard-stop for irreversible actions",
     "requirement_id": "§2.2.2 (human approval at significant checkpoints, esp. irreversible actions)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-02",
     "name": "Keep an immutable, tamper-evident audit trail of what the agent did",
     "requirement_id": "§2.3.3 (ensure log immutability; complete audit trails)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-03",
     "name": "Define multi-agent authority and conflict resolution explicitly",
     "requirement_id": "§2.3.1 (multi-agent interactions); §2.1.1 (system-complexity / multi-agent risk)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-04",
     "name": "Enforce policy as code at run time, in the request path",
     "requirement_id": "§2.3.1 (deterministic system-level safeguards over prompt-layer)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-05",
     "name": "Run an AI management system and tier agents by their autonomy",
     "requirement_id": "§2.1.1 (risk-based autonomy tiering); §2.2.1 (governance approach & risk frameworks)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-06",
     "name": "Cap the rate and volume of irreversible actions",
     "requirement_id": "§2.3.1 (rate limits); §2.2.2 (volume/value approval thresholds)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-07",
     "name": "Protect humans from being deceived by an agent",
     "requirement_id": "§2.2.2 (guard against automation bias & anthropomorphic deception)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-08",
     "name": "Make high-impact actions transactional, atomic, idempotent, state-checked",
     "requirement_id": "§2.2.2 (deny action by default when approval infrastructure fails)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "GV-09",
     "name": "Anchor a named business owner to every agent (accountability)",
     "requirement_id": "§2.2.1 (clear allocation of responsibility; use-case owner accountable)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-10",
     "name": "Enable end-user responsibility and guard against automation bias",
     "requirement_id": "§2.4 (enable end-user responsibility); §2.2.2 (audit human-oversight effectiveness; guard against automation bias)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-11",
     "name": "Plan recovery and compensation for actions the agent already committed",
     "requirement_id": "§2.3.3 (failsafe mechanisms; intervention up to fallback)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "RT-01",
     "name": "Capture OS-level telemetry of what the agent actually does",
     "requirement_id": "§2.3.3 (multi-layer monitoring; OpenTelemetry tracing)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-02",
     "name": "Detect direct and indirect prompt injection at every input and output",
     "requirement_id": "§2.3.1 (input validation for injection); §2.1.1 (prompt-injection threat modelling)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "RT-03",
     "name": "Supervise the agent's reasoning and check it matches its actions",
     "requirement_id": "§2.3.1 (Planning: log & verify reasoning); §2.3.3 (monitor model-reasoning layer)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-04",
     "name": "Detect anomalies and trigger pause, kill switch, or containment",
     "requirement_id": "§2.3.3 (alert thresholds, interventions up to termination & fallback)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-05",
     "name": "Apply data-loss prevention to agent egress and interactions",
     "requirement_id": "§2.3.1 (filter sensitive data at the MCP layer); §2.2.1 (data protection)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-06",
     "name": "Map AI-native threats, extend ATT&CK/ATLAS to agentic orchestration",
     "requirement_id": "§2.1.1 (threat modelling & taint tracing for agentic systems)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "RT-07",
     "name": "Detect multi-agent collusion and covert channels",
     "requirement_id": "§2.3.2 (test for emergent multi-agent behaviours); §1.2.3 (systemic & multi-agent risks)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "AS-01",
     "name": "Adversarially red-team and evaluate the agent before launch",
     "requirement_id": "§2.3.2 (pre-deployment testing: task execution, policy, robustness); §2.2.1 (regular red teaming)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "AS-02",
     "name": "Statically analyze agent skills and manifests in CI",
     "requirement_id": "§2.3.2 (pre-deployment testing); §2.1.1 (third-party skill supply-chain risk)",
     "fit": "adjacent"
    },
    {
     "domain": "security",
     "control": "AS-03",
     "name": "Gate releases on continuous adversarial validation",
     "requirement_id": "§2.3.3 (continuous testing post-deployment; guard against model drift)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "AS-07",
     "name": "Verify a skill does what it declares (behavioral integrity)",
     "requirement_id": "§2.3.2 (test tool-calling correctness); §2.1.1 (third-party skill risk)",
     "fit": "adjacent"
    }
   ],
   "source_refs": [
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "security",
     "control": "IA-03",
     "name": "Act on the user's behalf with explicit approval for sensitive steps",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "security",
     "control": "EC-08",
     "name": "Keep secrets out of the prompt and context",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "security",
     "control": "GV-04",
     "name": "Enforce policy as code at run time, in the request path",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "security",
     "control": "GV-05",
     "name": "Run an AI management system and tier agents by their autonomy",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "security",
     "control": "GV-10",
     "name": "Enable end-user responsibility and guard against automation bias",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "security",
     "control": "RT-01",
     "name": "Capture OS-level telemetry of what the agent actually does",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "security",
     "control": "RT-03",
     "name": "Supervise the agent's reasoning and check it matches its actions",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {
    "security": 46
   },
   "title": "IMDA MGF for Agentic AI",
   "total": 54
  },
  {
   "source_id": "owasp_asi_2026",
   "framework_refs": [
    {
     "domain": "security",
     "control": "IA-01",
     "name": "Give every agent its own distinct identity, never a shared or human login",
     "requirement_id": "ASI03 Identity & Privilege Abuse",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "requirement_id": "ASI03 Identity & Privilege Abuse",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "IA-03",
     "name": "Act on the user's behalf with explicit approval for sensitive steps",
     "requirement_id": "ASI03 Identity & Privilege Abuse; ASI02 Tool Misuse",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "IA-04",
     "name": "Check permission continuously at run time, not just once at login",
     "requirement_id": "ASI03 Identity & Privilege Abuse",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "IA-05",
     "name": "Find and inventory every agent, surface the shadow ones",
     "requirement_id": "ASI10 Rogue Agents",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "IA-06",
     "name": "Bind a signed, end-to-end provenance chain to every agent action",
     "requirement_id": "ASI08 Cascading Failures (adjacent: accountability / non-repudiation)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-01",
     "name": "Run the agent in a sandbox, from process isolation up to micro-VMs",
     "requirement_id": "ASI05 Unexpected Code Execution",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-02",
     "name": "Filter the agent's outbound network traffic",
     "requirement_id": "ASI03 Identity & Privilege Abuse (egress/exfiltration)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-03",
     "name": "Keep memory short-lived, and validate anything written to it",
     "requirement_id": "ASI06 Memory & Context Poisoning",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-04",
     "name": "Limit filesystem and tool access to the bare minimum",
     "requirement_id": "ASI02 Tool Misuse; ASI05 Unexpected Code Execution",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-06",
     "name": "Contain runaway loops and over-reach (least-agency)",
     "requirement_id": "ASI01 Agent Goal Hijack; ASI10 Rogue Agents",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-07",
     "name": "Trust-rank retrieved content before it enters the agent's context",
     "requirement_id": "ASI06 Memory & Context Poisoning (retrieval/RAG vector)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-09",
     "name": "Treat the workspace and its config and hooks as untrusted",
     "requirement_id": "ASI04 Agentic Supply Chain Vulnerabilities; ASI02 Tool Misuse; ASI05 Unexpected Code Execution",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-01",
     "name": "Authenticate and sign agent-to-agent communication",
     "requirement_id": "ASI07 Insecure Inter-Agent Communication",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "requirement_id": "ASI02 Tool Misuse & Exploitation",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-03",
     "name": "Verify skill/tool manifest integrity and sign the supply chain",
     "requirement_id": "ASI04 Agentic Supply Chain Vulnerabilities",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-04",
     "name": "Validate tool input/output, treat tool results as untrusted",
     "requirement_id": "ASI01 Agent Goal Hijack; ASI02 Tool Misuse (indirect prompt injection)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-05",
     "name": "Encode and validate the agent's own output before it reaches other systems",
     "requirement_id": "ASI08 Cascading Failures",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-06",
     "name": "Sanitize model-generated tool parameters, not just the schema",
     "requirement_id": "ASI02 Tool Misuse; ASI05 Unexpected Code Execution",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-07",
     "name": "Verify tool descriptions for hidden instructions (description injection)",
     "requirement_id": "ASI04 Agentic Supply Chain Vulnerabilities; ASI02 Tool Misuse; ASI01 Agent Goal Hijack",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-08",
     "name": "Enforce an instruction hierarchy so tool output cannot give the agent orders",
     "requirement_id": "ASI01 Agent Goal Hijack",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-01",
     "name": "Require a human hard-stop for irreversible actions",
     "requirement_id": "ASI10 Rogue Agents; ASI02 Tool Misuse",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-02",
     "name": "Keep an immutable, tamper-evident audit trail of what the agent did",
     "requirement_id": "ASI08 Cascading Failures (adjacent: accountability / non-repudiation)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-03",
     "name": "Define multi-agent authority and conflict resolution explicitly",
     "requirement_id": "ASI08 Cascading Failures",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-04",
     "name": "Enforce policy as code at run time, in the request path",
     "requirement_id": "ASI01 Agent Goal Hijack; ASI02 Tool Misuse (deterministic enforcement)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-06",
     "name": "Cap the rate and volume of irreversible actions",
     "requirement_id": "ASI08 Cascading Failures (blast-radius of irreversible actions)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-07",
     "name": "Protect humans from being deceived by an agent",
     "requirement_id": "ASI09 Human-Agent Trust Exploitation",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-08",
     "name": "Make high-impact actions transactional, atomic, idempotent, state-checked",
     "requirement_id": "ASI08 Cascading Failures; ASI03 Identity & Privilege Abuse",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-10",
     "name": "Enable end-user responsibility and guard against automation bias",
     "requirement_id": "ASI09 Human-Agent Trust Exploitation (cross-ref GV-07)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "GV-11",
     "name": "Plan recovery and compensation for actions the agent already committed",
     "requirement_id": "ASI08 Cascading Failures (adjacent: recovery)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-02",
     "name": "Detect direct and indirect prompt injection at every input and output",
     "requirement_id": "ASI01 Agent Goal Hijack",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-03",
     "name": "Supervise the agent's reasoning and check it matches its actions",
     "requirement_id": "ASI01 Agent Goal Hijack",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-04",
     "name": "Detect anomalies and trigger pause, kill switch, or containment",
     "requirement_id": "ASI10 Rogue Agents (containment)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-07",
     "name": "Detect multi-agent collusion and covert channels",
     "requirement_id": "ASI07 Insecure Inter-Agent Communication; ASI08 Cascading Failures (multi-agent collusion)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-08",
     "name": "Monitor latent and representation-level signals, not just visible reasoning",
     "requirement_id": "ASI01 Agent Goal Hijack (latent / opaque-reasoning vector)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "AS-01",
     "name": "Adversarially red-team and evaluate the agent before launch",
     "requirement_id": "ASI01 Agent Goal Hijack (multi-turn drift)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "AS-02",
     "name": "Statically analyze agent skills and manifests in CI",
     "requirement_id": "ASI04 Agentic Supply Chain Vulnerabilities",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "AS-06",
     "name": "Verify model-weights and training-data provenance before load",
     "requirement_id": "ASI04 Agentic Supply Chain Vulnerabilities (model layer)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "AS-07",
     "name": "Verify a skill does what it declares (behavioral integrity)",
     "requirement_id": "ASI04 Agentic Supply Chain Vulnerabilities; ASI02 Tool Misuse",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "security",
     "control": "EC-03",
     "name": "Keep memory short-lived, and validate anything written to it",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "EC-04",
     "name": "Limit filesystem and tool access to the bare minimum",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "EC-06",
     "name": "Contain runaway loops and over-reach (least-agency)",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "EC-07",
     "name": "Trust-rank retrieved content before it enters the agent's context",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "EC-09",
     "name": "Treat the workspace and its config and hooks as untrusted",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "EC-10",
     "name": "Verify trigger provenance and admit autonomous runs",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-03",
     "name": "Verify skill/tool manifest integrity and sign the supply chain",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-06",
     "name": "Sanitize model-generated tool parameters, not just the schema",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-07",
     "name": "Verify tool descriptions for hidden instructions (description injection)",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "GV-04",
     "name": "Enforce policy as code at run time, in the request path",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "GV-06",
     "name": "Cap the rate and volume of irreversible actions",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "GV-07",
     "name": "Protect humans from being deceived by an agent",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "GV-08",
     "name": "Make high-impact actions transactional, atomic, idempotent, state-checked",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "AS-02",
     "name": "Statically analyze agent skills and manifests in CI",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "AS-07",
     "name": "Verify a skill does what it declares (behavioral integrity)",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {
    "security": 39
   },
   "title": "OWASP Top 10 for Agentic Applications 2026",
   "total": 54
  },
  {
   "source_id": "anthropic_privacy_policy_2024",
   "framework_refs": [
    {
     "domain": "privacy",
     "control": "DC-03",
     "name": "Consent Registry",
     "requirement_id": "Anthropic Data Processing Addendum — training data commitments",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "DC-04",
     "name": "Consent Signal Validation",
     "requirement_id": "Anthropic Privacy Policy and Consumer Terms — training data opt-in/opt-out",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "DC-05",
     "name": "Consent Withdrawal Processing",
     "requirement_id": "Anthropic Zero Data Retention (ZDR) Addendum",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DC-08",
     "name": "Consent Change Propagation",
     "requirement_id": "Anthropic Data Processing Addendum — processing on documented instructions",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "DG-02",
     "name": "Data Processor Agreements",
     "requirement_id": "Anthropic Data Processing Addendum (DPA)",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DG-03",
     "name": "International Transfer Mechanism Registry",
     "requirement_id": "Anthropic Data Processing Addendum — Standard Contractual Clauses",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DG-05",
     "name": "DPIA Lifecycle Management",
     "requirement_id": "Anthropic Responsible Scaling Policy — pre-deployment capability assessments",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "DG-06",
     "name": "Data Breach Response",
     "requirement_id": "Anthropic Data Processing Addendum — security incident notification",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DG-07",
     "name": "Data Retention and Deletion Schedule",
     "requirement_id": "Anthropic API data retention controls",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DS-01",
     "name": "Rights Request Reception",
     "requirement_id": "Anthropic privacy support channels",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DS-04",
     "name": "Erasure and Anonymization",
     "requirement_id": "Anthropic zero data retention option — non-retention by architecture",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DS-07",
     "name": "Objection and Restriction Processing",
     "requirement_id": "Anthropic zero data retention option",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DP-03",
     "name": "Data Minimization Enforcement",
     "requirement_id": "Anthropic API data retention defaults",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "DP-07",
     "name": "AI Telemetry Data Controls",
     "requirement_id": "Anthropic API log retention controls",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PM-04",
     "name": "Consent State Consistency Monitoring",
     "requirement_id": "Anthropic API data controls — configuration verification",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PM-07",
     "name": "Third-Party Privacy Monitoring",
     "requirement_id": "Anthropic Data Processing Addendum — subprocessor disclosure and objection rights",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PC-02",
     "name": "Privacy Certification Program",
     "requirement_id": "Anthropic compliance artifacts — SOC 2 Type II, GDPR DPA, HIPAA BAA",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PC-03",
     "name": "Jurisdiction-Specific Compliance Package",
     "requirement_id": "Anthropic Data Processing Addendum and compliance documentation",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PC-06",
     "name": "AI Privacy Impact Assessment",
     "requirement_id": "Anthropic Responsible Scaling Policy — pre-deployment risk assessment discipline",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "PC-08",
     "name": "PrivacyAttestation [BASELINE]",
     "requirement_id": "Anthropic SOC 2 Type II and GDPR DPA — vendor assurance artifacts",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DX-05",
     "name": "Third-Party Data Sharing Agreements and Controls",
     "requirement_id": "Privacy Policy",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-04",
     "name": "AI Output Data Integrity Verification",
     "requirement_id": "Usage Policy",
     "fit": "adjacent"
    },
    {
     "domain": "data",
     "control": "DI-06",
     "name": "Model Memorization Risk Assessment and Output Leakage Prevention",
     "requirement_id": "Privacy Policy",
     "fit": "adjacent"
    },
    {
     "domain": "data",
     "control": "DM-07",
     "name": "Synthetic Data Governance",
     "requirement_id": "Privacy Policy",
     "fit": "adjacent"
    },
    {
     "domain": "data",
     "control": "DL-02",
     "name": "Training Data Lineage Documentation",
     "requirement_id": "Privacy Policy",
     "fit": "adjacent"
    },
    {
     "domain": "data",
     "control": "DA-03",
     "name": "Consent-Based Data Access Controls",
     "requirement_id": "Privacy Policy",
     "fit": "adjacent"
    },
    {
     "domain": "data",
     "control": "DV-04",
     "name": "AI Output Validation Rules",
     "requirement_id": "Usage Policy",
     "fit": "adjacent"
    }
   ],
   "source_refs": [
    {
     "domain": "privacy",
     "control": "DC-03",
     "name": "Consent Registry",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DC-04",
     "name": "Consent Signal Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DC-05",
     "name": "Consent Withdrawal Processing",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DC-08",
     "name": "Consent Change Propagation",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-02",
     "name": "Data Processor Agreements",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-03",
     "name": "International Transfer Mechanism Registry",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-05",
     "name": "DPIA Lifecycle Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-06",
     "name": "Data Breach Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-07",
     "name": "Data Retention and Deletion Schedule",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DS-01",
     "name": "Rights Request Reception",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DS-04",
     "name": "Erasure and Anonymization",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DS-07",
     "name": "Objection and Restriction Processing",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DP-03",
     "name": "Data Minimization Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DP-07",
     "name": "AI Telemetry Data Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PM-04",
     "name": "Consent State Consistency Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PM-07",
     "name": "Third-Party Privacy Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-02",
     "name": "Privacy Certification Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-03",
     "name": "Jurisdiction-Specific Compliance Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-06",
     "name": "AI Privacy Impact Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-08",
     "name": "PrivacyAttestation [BASELINE]",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DX-05",
     "name": "Third-Party Data Sharing Agreements and Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DI-04",
     "name": "AI Output Data Integrity Verification",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DI-06",
     "name": "Model Memorization Risk Assessment and Output Leakage Prevention",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DM-07",
     "name": "Synthetic Data Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DL-02",
     "name": "Training Data Lineage Documentation",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DA-03",
     "name": "Consent-Based Data Access Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DV-04",
     "name": "AI Output Validation Rules",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "privacy": 20,
    "data": 7
   },
   "title": "Anthropic Privacy Policy & Zero Data Retention Addendum",
   "total": 54
  },
  {
   "source_id": "nist_csf_2_0",
   "framework_refs": [
    {
     "domain": "security",
     "control": "EC-12",
     "name": "AI Serving-Stack Vulnerability Management",
     "requirement_id": "ID.RA-01",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "EC-12",
     "name": "AI Serving-Stack Vulnerability Management",
     "requirement_id": "ID.RA-06",
     "fit": "supporting"
    },
    {
     "domain": "compliance",
     "control": "CA-02",
     "name": "Compliance Framework Selection and Mapping",
     "requirement_id": "GV.PO-01",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-05",
     "name": "Regulatory Change Management",
     "requirement_id": "GV.OC-01",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-06",
     "name": "Compliance Obligation Gap Analysis",
     "requirement_id": "ID.RA-01",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "OB-05",
     "name": "DORA ICT Obligation Tracking",
     "requirement_id": "GV.OC-03",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-03",
     "name": "EU AI Act Technical Documentation Package (Art. 11)",
     "requirement_id": "GV.OC-03",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "RF-04",
     "name": "EU AI Act Post-Market Monitoring Plan (Art. 72)",
     "requirement_id": "DE.CM-09",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "RF-05",
     "name": "FedRAMP Authorization Support for AI Systems",
     "requirement_id": "GV.OC-03",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-06",
     "name": "SOC 2 AI-Specific Evidence Production",
     "requirement_id": "ID.AM-01",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "CI-02",
     "name": "Continuous Compliance Monitoring",
     "requirement_id": "DE.CM-01",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-07",
     "name": "Remediation Tracking and Closure",
     "requirement_id": "RS.MI",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "AU-04",
     "name": "Audit Trail Integrity",
     "requirement_id": "PR.DS-01",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-07",
     "name": "Multi-Framework Evidence Reuse",
     "requirement_id": "GV.OC-03",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-02",
     "name": "Compliance Policy Framework for AI",
     "requirement_id": "GV.OC-03",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CG-06",
     "name": "Compliance Incident Response",
     "requirement_id": "RS.CO and RS.AN",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RV-01",
     "name": "AI System RTO/RPO Definition and Validation",
     "requirement_id": "RC.RP-01",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-02",
     "name": "Resilience Control Verification Testing",
     "requirement_id": "RC.RP-02",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RV-03",
     "name": "Chaos Engineering for AI Systems",
     "requirement_id": "ID.IM-02",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RV-04",
     "name": "Recovery Capability Verification After Actual Incident",
     "requirement_id": "ID.IM-04",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-05",
     "name": "Third-Party AI Dependency Resilience Assessment",
     "requirement_id": "GV.SC-07",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-06",
     "name": "Multi-Region and Multi-AZ Resilience Verification",
     "requirement_id": "PR.IR-04",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RV-07",
     "name": "Degraded-Mode AI Operation Testing",
     "requirement_id": "RC.RP-02",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RV-08",
     "name": "Resilience Verification Evidence Package",
     "requirement_id": "GV.RR-02",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RP-01",
     "name": "AI-Specific Business Continuity Plan",
     "requirement_id": "RC.RP-01",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-02",
     "name": "AI System Disaster Recovery Plan",
     "requirement_id": "RC.RP-02",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-03",
     "name": "Model Rollback and Previous Version Recovery Planning",
     "requirement_id": "RC.RP-01",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-04",
     "name": "RAG Index and Knowledge Base Recovery Plan",
     "requirement_id": "RC.RP-02",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-05",
     "name": "Recovery Priority Classification for AI Systems",
     "requirement_id": "ID.AM-05",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-07",
     "name": "Recovery Plan Testing and Tabletop Exercises",
     "requirement_id": "ID.IM-02",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-08",
     "name": "Recovery Planning Evidence Package",
     "requirement_id": "RC.RP-05",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-01",
     "name": "AI System Failover Execution Procedures",
     "requirement_id": "RC.RP-01",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-02",
     "name": "Model Rollback Execution and Validation",
     "requirement_id": "RC.RP-02",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-03",
     "name": "Data Recovery and Integrity Verification Post-Incident",
     "requirement_id": "RC.RP-03",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-05",
     "name": "Pre-Restoration Validation Before Traffic Resumption",
     "requirement_id": "RC.RP-05",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-07",
     "name": "Recovery Time Compliance Verification",
     "requirement_id": "ID.IM-03",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RO-08",
     "name": "Recovery Operations Evidence Package",
     "requirement_id": "ID.IM-04",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "FO-01",
     "name": "Graceful Degradation Design Patterns",
     "requirement_id": "RC.RP-01 — Recovery Plan Execution",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "FO-06",
     "name": "Load Shedding and Backpressure Mechanisms",
     "requirement_id": "PR.IR-04",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "FO-08",
     "name": "Fault Tolerance Evidence Package",
     "requirement_id": "GV.OC-04 — Organizational Resilience Requirements",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RE-01",
     "name": "High Availability Architecture for AI Systems",
     "requirement_id": "RC.RP-01",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RE-03",
     "name": "Data Redundancy and Backup Governance",
     "requirement_id": "RC.RP-02",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RE-07",
     "name": "Resilience Engineering Review in Development Lifecycle",
     "requirement_id": "GV.OC-01",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RE-08",
     "name": "Resilience Engineering Evidence Package",
     "requirement_id": "ID.IM-03",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RG-01",
     "name": "Resilience Governance Structure",
     "requirement_id": "GV.RR",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-02",
     "name": "Resilience Policy Framework",
     "requirement_id": "GV.PO",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-03",
     "name": "Senior Accountability for AI Operational Resilience",
     "requirement_id": "GV.RR-02",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-05",
     "name": "Resilience Program Resourcing",
     "requirement_id": "GV.SC-07",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RG-06",
     "name": "Resilience Incident Response Integration",
     "requirement_id": "RC.RP",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-07",
     "name": "Resilience Program Metrics and Board Reporting",
     "requirement_id": "GV.OV-03",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-08",
     "name": "ResilienceAttestation Production",
     "requirement_id": "GV.OV-01",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "security": 2,
    "compliance": 14,
    "resilience": 35
   },
   "title": "nist_csf_2_0",
   "total": 51
  },
  {
   "source_id": "google_cloud_compliance_2024",
   "framework_refs": [
    {
     "domain": "compliance",
     "control": "CA-01",
     "name": "Regulatory Scope Determination",
     "requirement_id": "Shared responsibility matrix",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "CA-02",
     "name": "Compliance Framework Selection and Mapping",
     "requirement_id": "Regulatory guidance",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-04",
     "name": "Design-Time Compliance Classification",
     "requirement_id": "Shared responsibility matrix",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CA-05",
     "name": "Regulatory Change Management",
     "requirement_id": "Regulatory guidance",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "CA-07",
     "name": "Third-Party and Supply Chain Compliance Obligations",
     "requirement_id": "Certification documentation",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CA-08",
     "name": "Compliance Architecture Evidence Package",
     "requirement_id": "Certification documentation",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-01",
     "name": "Obligation Register",
     "requirement_id": "Compliance report",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-07",
     "name": "Obligation Fulfillment Verification",
     "requirement_id": "Compliance report",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "OB-08",
     "name": "Obligations Evidence Package",
     "requirement_id": "Certification documentation",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "RF-01",
     "name": "EU AI Act High-Risk AI System Classification",
     "requirement_id": "Regulatory guidance",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "RF-03",
     "name": "EU AI Act Technical Documentation Package (Art. 11)",
     "requirement_id": "Certification documentation",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "RF-05",
     "name": "FedRAMP Authorization Support for AI Systems",
     "requirement_id": "FedRAMP High",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-06",
     "name": "SOC 2 AI-Specific Evidence Production",
     "requirement_id": "Compliance report",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "CI-04",
     "name": "Compliance Tooling Implementation",
     "requirement_id": "Compliance Reports Manager",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CI-06",
     "name": "Internal Audit of AI Compliance Controls",
     "requirement_id": "Certification documentation",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CI-08",
     "name": "Compliance Implementation Evidence Package",
     "requirement_id": "Compliance report",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-01",
     "name": "Audit Readiness Program",
     "requirement_id": "Compliance report",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-02",
     "name": "Evidence Collection, Curation, and Validation",
     "requirement_id": "Certification documentation",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-04",
     "name": "Audit Trail Integrity",
     "requirement_id": "Shared responsibility matrix",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-07",
     "name": "Multi-Framework Evidence Reuse",
     "requirement_id": "Shared responsibility matrix",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-08",
     "name": "ComplianceAttestation Production",
     "requirement_id": "Compliance report",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-02",
     "name": "Compliance Policy Framework for AI",
     "requirement_id": "Shared responsibility matrix",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-05",
     "name": "Compliance Program Resourcing",
     "requirement_id": "Compliance report",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-06",
     "name": "Compliance Incident Response",
     "requirement_id": "Shared responsibility matrix",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "CG-08",
     "name": "Compliance Governance Evidence Package",
     "requirement_id": "Certification documentation",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "compliance",
     "control": "CA-01",
     "name": "Regulatory Scope Determination",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-02",
     "name": "Compliance Framework Selection and Mapping",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-04",
     "name": "Design-Time Compliance Classification",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-05",
     "name": "Regulatory Change Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-07",
     "name": "Third-Party and Supply Chain Compliance Obligations",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CA-08",
     "name": "Compliance Architecture Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-01",
     "name": "Obligation Register",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-07",
     "name": "Obligation Fulfillment Verification",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "OB-08",
     "name": "Obligations Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-01",
     "name": "EU AI Act High-Risk AI System Classification",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-03",
     "name": "EU AI Act Technical Documentation Package (Art. 11)",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-05",
     "name": "FedRAMP Authorization Support for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "RF-06",
     "name": "SOC 2 AI-Specific Evidence Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CI-04",
     "name": "Compliance Tooling Implementation",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CI-06",
     "name": "Internal Audit of AI Compliance Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CI-08",
     "name": "Compliance Implementation Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-01",
     "name": "Audit Readiness Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-02",
     "name": "Evidence Collection, Curation, and Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-04",
     "name": "Audit Trail Integrity",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-07",
     "name": "Multi-Framework Evidence Reuse",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "AU-08",
     "name": "ComplianceAttestation Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-02",
     "name": "Compliance Policy Framework for AI",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-05",
     "name": "Compliance Program Resourcing",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-06",
     "name": "Compliance Incident Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "compliance",
     "control": "CG-08",
     "name": "Compliance Governance Evidence Package",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "compliance": 25
   },
   "title": "Google Cloud Compliance & Assurance",
   "total": 50
  },
  {
   "source_id": "nist_privacy_framework",
   "framework_refs": [
    {
     "domain": "privacy",
     "control": "DC-01",
     "name": "Personal Data Inventory",
     "requirement_id": "ID.IM-P1",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DC-04",
     "name": "Consent Signal Validation",
     "requirement_id": "CT.PO-P1",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DC-06",
     "name": "Data Purpose Limitation Mapping",
     "requirement_id": "ID.IM-P5",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DC-08",
     "name": "Consent Change Propagation",
     "requirement_id": "CT.DM-P7",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DC-09",
     "name": "Data Collection Layer Evidence Package",
     "requirement_id": "CT.DM-P8",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DG-01",
     "name": "Data Processing Register",
     "requirement_id": "ID.IM-P8",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DG-03",
     "name": "International Transfer Mechanism Registry",
     "requirement_id": "ID.DE-P3",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DG-08",
     "name": "Governance Evidence Archive",
     "requirement_id": "CT.DM-P8",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DS-02",
     "name": "Identity Verification for Rights Requests",
     "requirement_id": "PR.AC-P6",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DS-06",
     "name": "Portability and Interoperability",
     "requirement_id": "CT.DM-P6",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DS-08",
     "name": "Rights Request Evidence Log",
     "requirement_id": "CT.DM-P8",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DP-01",
     "name": "Encryption at Rest and in Transit",
     "requirement_id": "PR.DS-P1/PR.DS-P2",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DP-03",
     "name": "Data Minimization Enforcement",
     "requirement_id": "CT.DP-P1",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DP-04",
     "name": "Inference Scope Limitation",
     "requirement_id": "CT.DP-P3",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DP-05",
     "name": "Output PII Scrubbing",
     "requirement_id": "PR.DS-P5",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DP-06",
     "name": "Synthetic Data Governance",
     "requirement_id": "CT.DP-P2",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DP-07",
     "name": "AI Telemetry Data Controls",
     "requirement_id": "CT.DM-P8",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DP-08",
     "name": "Data Protection Evidence Log",
     "requirement_id": "CT.DM-P8",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PM-01",
     "name": "Privacy Incident Detection",
     "requirement_id": "PR.DS-P5",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PM-02",
     "name": "Cross-Context Inference Monitoring",
     "requirement_id": "CT.DP-P1",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PM-03",
     "name": "Purpose Creep Detection",
     "requirement_id": "GV.MT-P1",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PM-04",
     "name": "Consent State Consistency Monitoring",
     "requirement_id": "CT.PO-P1",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PM-05",
     "name": "Inference Log Monitoring",
     "requirement_id": "CT.DM-P8",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PM-07",
     "name": "Third-Party Privacy Monitoring",
     "requirement_id": "ID.DE-P5",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PM-08",
     "name": "Privacy Monitoring Evidence Archive",
     "requirement_id": "CT.DM-P8",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PC-02",
     "name": "Privacy Certification Program",
     "requirement_id": "GV.MT-P3",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PC-04",
     "name": "Privacy Program Effectiveness Assessment",
     "requirement_id": "GV.MT-P3",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PC-05",
     "name": "Privacy-by-Design Certification",
     "requirement_id": "GV.PO-P2",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DX-01",
     "name": "Data Sensitivity Classification Framework for AI",
     "requirement_id": "ID.IM-P1",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DX-02",
     "name": "Inter-System Data Transfer Authorization",
     "requirement_id": "CT.PO-P2",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DX-04",
     "name": "Cross-Border Data Transfer Controls",
     "requirement_id": "GV.PO-P5",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DX-05",
     "name": "Third-Party Data Sharing Agreements and Controls",
     "requirement_id": "CT.PO-P2",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DX-07",
     "name": "Data Exchange Security Controls",
     "requirement_id": "PR.DS-P2",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-02",
     "name": "Tamper Detection for AI Inference Inputs",
     "requirement_id": "PR.DS-P6",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DI-04",
     "name": "AI Output Data Integrity Verification",
     "requirement_id": "PR.DS-P6",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DI-06",
     "name": "Model Memorization Risk Assessment and Output Leakage Prevention",
     "requirement_id": "CT.DP-P2",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-02",
     "name": "Data Classification and Sensitivity Tagging at Rest",
     "requirement_id": "ID.IM-P6",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-03",
     "name": "Data Retention and Disposal Governance",
     "requirement_id": "CT.DM-P4",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-07",
     "name": "Synthetic Data Governance",
     "requirement_id": "CT.DP-P2",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-03",
     "name": "Inference-Time Data Lineage (Per-Decision Provenance)",
     "requirement_id": "CT.PO-P1",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DL-06",
     "name": "Data Lineage for Regulatory and Legal Purposes",
     "requirement_id": "GV.PO-P5",
     "fit": "adjacent"
    },
    {
     "domain": "data",
     "control": "DA-01",
     "name": "AI Data Access Authorization Framework",
     "requirement_id": "PR.AC-P4",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-02",
     "name": "Data Minimization Implementation for AI",
     "requirement_id": "CT.DP-P1",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-03",
     "name": "Consent-Based Data Access Controls",
     "requirement_id": "CT.PO-P1",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-04",
     "name": "Privileged Data Access Monitoring",
     "requirement_id": "CT.DM-P8",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-06",
     "name": "Cross-Border Data Access Jurisdiction Controls",
     "requirement_id": "GV.PO-P1",
     "fit": "adjacent"
    },
    {
     "domain": "data",
     "control": "DA-07",
     "name": "Emergency AI Data Access Procedures",
     "requirement_id": "CT.DM-P8",
     "fit": "adjacent"
    },
    {
     "domain": "data",
     "control": "DA-08",
     "name": "Data Access Evidence Package",
     "requirement_id": "GV.MT-P1",
     "fit": "partial"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "privacy": 28,
    "data": 20
   },
   "title": "nist_privacy_framework",
   "total": 48
  },
  {
   "source_id": "openai_privacy_dpa_2024",
   "framework_refs": [
    {
     "domain": "privacy",
     "control": "DC-03",
     "name": "Consent Registry",
     "requirement_id": "OpenAI Data Processing Addendum — customer content and training commitments",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "DC-04",
     "name": "Consent Signal Validation",
     "requirement_id": "OpenAI Enterprise Privacy — customer responsibility for lawful data use",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DC-05",
     "name": "Consent Withdrawal Processing",
     "requirement_id": "OpenAI privacy request processing — data deletion",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DC-08",
     "name": "Consent Change Propagation",
     "requirement_id": "OpenAI API data controls — retention and training configuration",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "DG-02",
     "name": "Data Processor Agreements",
     "requirement_id": "OpenAI Data Processing Addendum — GDPR Art 28 processor terms",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DG-03",
     "name": "International Transfer Mechanism Registry",
     "requirement_id": "OpenAI data residency — regional storage options",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DG-04",
     "name": "Transfer Impact Assessment",
     "requirement_id": "OpenAI DPA and security documentation — customer transfer assessment inputs",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DG-07",
     "name": "Data Retention and Deletion Schedule",
     "requirement_id": "OpenAI API data retention policy — 30-day default",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DS-01",
     "name": "Rights Request Reception",
     "requirement_id": "OpenAI privacy request channels (privacy.openai.com / dsar@openai.com)",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DS-03",
     "name": "Access Request Fulfillment",
     "requirement_id": "OpenAI privacy request fulfillment — personal data access",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DS-04",
     "name": "Erasure and Anonymization",
     "requirement_id": "OpenAI data deletion controls",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DS-05",
     "name": "Automated Decision Explanation Rights",
     "requirement_id": "OpenAI system cards — model behavior transparency",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DS-06",
     "name": "Portability and Interoperability",
     "requirement_id": "OpenAI API — customer data export",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DS-07",
     "name": "Objection and Restriction Processing",
     "requirement_id": "OpenAI enterprise data controls — business data not used for training by default",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "DS-08",
     "name": "Rights Request Evidence Log",
     "requirement_id": "OpenAI privacy request records",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DP-01",
     "name": "Encryption at Rest and in Transit",
     "requirement_id": "OpenAI security practices — AES-256 at rest, TLS 1.2+ in transit",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DP-04",
     "name": "Inference Scope Limitation",
     "requirement_id": "OpenAI usage policies — restricted inference uses",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "DP-07",
     "name": "AI Telemetry Data Controls",
     "requirement_id": "OpenAI API log retention — 30-day abuse monitoring window",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PM-04",
     "name": "Consent State Consistency Monitoring",
     "requirement_id": "OpenAI API usage monitoring — data control configuration audit",
     "fit": "adjacent"
    },
    {
     "domain": "privacy",
     "control": "PM-07",
     "name": "Third-Party Privacy Monitoring",
     "requirement_id": "OpenAI sub-processor list — DPA notification rights",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PC-01",
     "name": "Regulatory Obligation Mapping",
     "requirement_id": "OpenAI trust and compliance documentation",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PC-02",
     "name": "Privacy Certification Program",
     "requirement_id": "OpenAI compliance certifications — SOC 2, ISO 27001, ISO 42001, CSA STAR",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PC-03",
     "name": "Jurisdiction-Specific Compliance Package",
     "requirement_id": "OpenAI data residency — regional offerings",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PC-08",
     "name": "PrivacyAttestation [BASELINE]",
     "requirement_id": "OpenAI certifications — SOC 2, ISO 27001, ISO 42001",
     "fit": "supporting"
    }
   ],
   "source_refs": [
    {
     "domain": "privacy",
     "control": "DC-03",
     "name": "Consent Registry",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DC-04",
     "name": "Consent Signal Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DC-05",
     "name": "Consent Withdrawal Processing",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DC-08",
     "name": "Consent Change Propagation",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-02",
     "name": "Data Processor Agreements",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-03",
     "name": "International Transfer Mechanism Registry",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-04",
     "name": "Transfer Impact Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DG-07",
     "name": "Data Retention and Deletion Schedule",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DS-01",
     "name": "Rights Request Reception",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DS-03",
     "name": "Access Request Fulfillment",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DS-04",
     "name": "Erasure and Anonymization",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DS-05",
     "name": "Automated Decision Explanation Rights",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DS-06",
     "name": "Portability and Interoperability",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DS-07",
     "name": "Objection and Restriction Processing",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DS-08",
     "name": "Rights Request Evidence Log",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DP-01",
     "name": "Encryption at Rest and in Transit",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DP-04",
     "name": "Inference Scope Limitation",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "DP-07",
     "name": "AI Telemetry Data Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PM-04",
     "name": "Consent State Consistency Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PM-07",
     "name": "Third-Party Privacy Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-01",
     "name": "Regulatory Obligation Mapping",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-02",
     "name": "Privacy Certification Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-03",
     "name": "Jurisdiction-Specific Compliance Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "privacy",
     "control": "PC-08",
     "name": "PrivacyAttestation [BASELINE]",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "privacy": 24
   },
   "title": "OpenAI Privacy Policy & Data Processing Addendum",
   "total": 48
  },
  {
   "source_id": "dora",
   "framework_refs": [
    {
     "domain": "compliance",
     "control": "RF-01",
     "name": "EU AI Act High-Risk AI System Classification",
     "requirement_id": "Art. 28(3)",
     "fit": "supporting"
    },
    {
     "domain": "resilience",
     "control": "RV-01",
     "name": "AI System RTO/RPO Definition and Validation",
     "requirement_id": "Art. 12",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-02",
     "name": "Resilience Control Verification Testing",
     "requirement_id": "Art. 25",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-03",
     "name": "Chaos Engineering for AI Systems",
     "requirement_id": "Art. 26",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RV-04",
     "name": "Recovery Capability Verification After Actual Incident",
     "requirement_id": "Art. 17",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RV-05",
     "name": "Third-Party AI Dependency Resilience Assessment",
     "requirement_id": "Art. 28-30",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-06",
     "name": "Multi-Region and Multi-AZ Resilience Verification",
     "requirement_id": "Art. 12(1)-(2)",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-08",
     "name": "Resilience Verification Evidence Package",
     "requirement_id": "Art. 30",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RP-01",
     "name": "AI-Specific Business Continuity Plan",
     "requirement_id": "Art. 11",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-02",
     "name": "AI System Disaster Recovery Plan",
     "requirement_id": "Art. 12",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-03",
     "name": "Model Rollback and Previous Version Recovery Planning",
     "requirement_id": "Art. 12",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RP-05",
     "name": "Recovery Priority Classification for AI Systems",
     "requirement_id": "Art. 11(5)",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-06",
     "name": "Third-Party AI Provider Outage Response Plan",
     "requirement_id": "Art. 28",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-07",
     "name": "Recovery Plan Testing and Tabletop Exercises",
     "requirement_id": "Art. 26",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-08",
     "name": "Recovery Planning Evidence Package",
     "requirement_id": "Art. 11(10)",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RO-01",
     "name": "AI System Failover Execution Procedures",
     "requirement_id": "Art. 12(1)",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-02",
     "name": "Model Rollback Execution and Validation",
     "requirement_id": "Art. 9(4)(e)",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RO-03",
     "name": "Data Recovery and Integrity Verification Post-Incident",
     "requirement_id": "Art. 12(1)-(2)",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-04",
     "name": "Recovery Operations Communication Protocol",
     "requirement_id": "Art. 19",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-05",
     "name": "Pre-Restoration Validation Before Traffic Resumption",
     "requirement_id": "Art. 12(2)",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RO-06",
     "name": "Recovery Operations Audit Trail",
     "requirement_id": "RTS (EU) 2024/1774 Art. 12",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-07",
     "name": "Recovery Time Compliance Verification",
     "requirement_id": "Art. 12(2)",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RO-08",
     "name": "Recovery Operations Evidence Package",
     "requirement_id": "Art. 13(2)",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "FO-01",
     "name": "Graceful Degradation Design Patterns",
     "requirement_id": "Art. 11 — ICT Business Continuity Policy",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "FO-02",
     "name": "Circuit Breaker Implementation for AI Integrations",
     "requirement_id": "Art. 12",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "FO-03",
     "name": "Fallback Behavior Governance",
     "requirement_id": "Art. 11 — ICT Business Continuity Policy",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "FO-04",
     "name": "Input Validation and Malformed Request Handling",
     "requirement_id": "Art. 9 — ICT Security Controls",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "FO-05",
     "name": "Cascade Failure Prevention in Multi-Agent Pipelines",
     "requirement_id": "Art. 11 — ICT Business Continuity",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "FO-06",
     "name": "Load Shedding and Backpressure Mechanisms",
     "requirement_id": "Art. 7",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "FO-07",
     "name": "Fault Tolerance Test Coverage",
     "requirement_id": "Art. 26",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "FO-08",
     "name": "Fault Tolerance Evidence Package",
     "requirement_id": "Art. 25–26 — Resilience Testing and Reporting",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-01",
     "name": "High Availability Architecture for AI Systems",
     "requirement_id": "Art. 11",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RE-03",
     "name": "Data Redundancy and Backup Governance",
     "requirement_id": "Art. 12",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RE-04",
     "name": "Infrastructure-as-Code for Reproducible Recovery",
     "requirement_id": "Art. 11(6)",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RE-05",
     "name": "Dependency Isolation and Bulkhead Patterns",
     "requirement_id": "Art. 9(4)",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RE-06",
     "name": "DORA Compliance Architecture for AI Systems",
     "requirement_id": "Art. 6-16",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-07",
     "name": "Resilience Engineering Review in Development Lifecycle",
     "requirement_id": "Art. 6(5)",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RE-08",
     "name": "Resilience Engineering Evidence Package",
     "requirement_id": "Art. 19",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-01",
     "name": "Resilience Governance Structure",
     "requirement_id": "Art. 5",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-02",
     "name": "Resilience Policy Framework",
     "requirement_id": "Art. 6",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-03",
     "name": "Senior Accountability for AI Operational Resilience",
     "requirement_id": "Art. 5(2)",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-04",
     "name": "Resilience Risk Appetite and Threshold Setting",
     "requirement_id": "Art. 11",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-05",
     "name": "Resilience Program Resourcing",
     "requirement_id": "Art. 5(2)(g)",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-06",
     "name": "Resilience Incident Response Integration",
     "requirement_id": "Art. 17-23",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-07",
     "name": "Resilience Program Metrics and Board Reporting",
     "requirement_id": "Art. 6(5)",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-08",
     "name": "ResilienceAttestation Production",
     "requirement_id": "Art. 6(6)",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "compliance",
     "control": "RF-01",
     "name": "EU AI Act High-Risk AI System Classification",
     "relationship": "normative_requirement"
    },
    {
     "domain": "identity",
     "control": "IC-05",
     "name": "Identity Compliance Mapping",
     "relationship": "normative_requirement"
    }
   ],
   "by_domain": {
    "compliance": 1,
    "resilience": 45
   },
   "title": "EU DORA",
   "total": 48
  },
  {
   "source_id": "openai_model_spec_2024",
   "framework_refs": [
    {
     "domain": "ethics",
     "control": "EF-01",
     "name": "Ethics Principles Adoption and Operationalization",
     "requirement_id": "Overview (spec structure: The chain of command; Stay in bounds; Seek the truth together; Do the best work)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-02",
     "name": "Values-to-Design Mapping",
     "requirement_id": "Stay in bounds — Try to prevent imminent real-world harm",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-03",
     "name": "Ethical Risk Appetite Definition",
     "requirement_id": "The chain of command; Stay in bounds",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-04",
     "name": "Ethics Impact Assessment Framework",
     "requirement_id": "Stay in bounds — Try to prevent imminent real-world harm",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-05",
     "name": "EU AI Act Prohibited Practices Governance (Art. 5)",
     "requirement_id": "Stay in bounds — Don't facilitate the targeted manipulation of political views; The chain of command — Platform-level (root) instructions",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-01",
     "name": "Explainability Method Selection and Justification",
     "requirement_id": "Seek the truth together — Be honest and transparent",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-02",
     "name": "Decision-Level Explanation Requirements",
     "requirement_id": "Seek the truth together — Be honest and transparent",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-03",
     "name": "Explanation Fidelity and Accuracy Verification",
     "requirement_id": "Seek the truth together — Be honest and transparent",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-04",
     "name": "Adverse Action Notice and Explanation (ECOA/Reg B, FCRA)",
     "requirement_id": "Stay in bounds — Try to prevent imminent real-world harm",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "XP-05",
     "name": "Model Card and System Card Transparency Disclosure",
     "requirement_id": "Seek the truth together — Be honest and transparent",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-06",
     "name": "Technical vs. Non-Technical Explanation Tiers",
     "requirement_id": "Seek the truth together — Be honest and transparent",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-02",
     "name": "Human Dignity and Autonomy Preservation",
     "requirement_id": "Stay in bounds — Don't facilitate the targeted manipulation of political views; Seek the truth together",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-03",
     "name": "Vulnerable Population Protection",
     "requirement_id": "Stay in bounds — Try to prevent imminent real-world harm",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-04",
     "name": "Human Oversight and Override Mechanisms",
     "requirement_id": "The chain of command",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-06",
     "name": "Consent and Agency Preservation for AI Interactions",
     "requirement_id": "Seek the truth together — Be honest and transparent",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-07",
     "name": "Child and Minors Safety Controls",
     "requirement_id": "Stay in bounds (prohibited sexual content involving minors); Under-18 Principles",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-01",
     "name": "Production Fairness Monitoring Program",
     "requirement_id": "Stay in bounds — Try to prevent imminent real-world harm",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "FM-03",
     "name": "Statistical Parity and Equalized Odds Monitoring",
     "requirement_id": "Stay in bounds — Try to prevent imminent real-world harm",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "EG-02",
     "name": "AI Ethics Policy Framework",
     "requirement_id": "Overview; The chain of command; Stay in bounds",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-05",
     "name": "Third-Party AI Provider Ethics Accountability",
     "requirement_id": "Overview (published model behavior specification)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-06",
     "name": "Ethics Incident Response",
     "requirement_id": "Stay in bounds — Try to prevent imminent real-world harm",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-07",
     "name": "Ethics Program Metrics and Effectiveness Measurement",
     "requirement_id": "Stay in bounds; Seek the truth together; Do the best work",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-08",
     "name": "EthicsAttestation Production",
     "requirement_id": "Overview (published model behavior specification)",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "ethics",
     "control": "EF-01",
     "name": "Ethics Principles Adoption and Operationalization",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-02",
     "name": "Values-to-Design Mapping",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-03",
     "name": "Ethical Risk Appetite Definition",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-04",
     "name": "Ethics Impact Assessment Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-05",
     "name": "EU AI Act Prohibited Practices Governance (Art. 5)",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-01",
     "name": "Explainability Method Selection and Justification",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-02",
     "name": "Decision-Level Explanation Requirements",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-03",
     "name": "Explanation Fidelity and Accuracy Verification",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-04",
     "name": "Adverse Action Notice and Explanation (ECOA/Reg B, FCRA)",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-05",
     "name": "Model Card and System Card Transparency Disclosure",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-06",
     "name": "Technical vs. Non-Technical Explanation Tiers",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "HI-02",
     "name": "Human Dignity and Autonomy Preservation",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "HI-03",
     "name": "Vulnerable Population Protection",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "HI-04",
     "name": "Human Oversight and Override Mechanisms",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "HI-06",
     "name": "Consent and Agency Preservation for AI Interactions",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "HI-07",
     "name": "Child and Minors Safety Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-01",
     "name": "Production Fairness Monitoring Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-03",
     "name": "Statistical Parity and Equalized Odds Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-02",
     "name": "AI Ethics Policy Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-05",
     "name": "Third-Party AI Provider Ethics Accountability",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-06",
     "name": "Ethics Incident Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-07",
     "name": "Ethics Program Metrics and Effectiveness Measurement",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-08",
     "name": "EthicsAttestation Production",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "ethics": 23
   },
   "title": "OpenAI Model Specification",
   "total": 46
  },
  {
   "source_id": "aws_bedrock_guardrails_2024",
   "framework_refs": [
    {
     "domain": "agentic",
     "control": "AB-03",
     "name": "Action Reversibility Classification and Gates",
     "requirement_id": "Contextual grounding checks",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-04",
     "name": "Output Policy Enforcement",
     "requirement_id": "Sensitive information filters",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AB-05",
     "name": "Prompt Injection Detection and Defense",
     "requirement_id": "Content filters — prompt attack detection",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-07",
     "name": "Behavioral Drift Monitoring",
     "requirement_id": "Content filters and contextual grounding checks — per-request screening",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-08",
     "name": "BehavioralAttestation Production",
     "requirement_id": "ApplyGuardrail API — per-request policy evaluation results",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AT-02",
     "name": "Tool Permission Scoping",
     "requirement_id": "Denied topics",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AT-03",
     "name": "Tool Input Validation and Schema Enforcement",
     "requirement_id": "Content filters — input screening",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AT-04",
     "name": "Tool Output Sanitization and Integrity Verification",
     "requirement_id": "Contextual grounding checks",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AT-05",
     "name": "Dangerous and Irreversible Tool Access Controls",
     "requirement_id": "Denied topics and content filters",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AT-06",
     "name": "Third-Party Plugin Vetting and Sandboxing",
     "requirement_id": "Content filters applied to agent responses",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AT-07",
     "name": "Tool Usage Audit Trail",
     "requirement_id": "Guardrail trace in agent invocation output",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AM-02",
     "name": "Anomalous Action Detection",
     "requirement_id": "Content filters — real-time policy screening",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AM-03",
     "name": "Goal Drift and Intent Deviation Detection",
     "requirement_id": "Contextual grounding checks",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AM-05",
     "name": "Multi-Agent Communication Monitoring",
     "requirement_id": "ApplyGuardrail API — content evaluation for arbitrary payloads",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AM-07",
     "name": "Real-Time Alerting and Automated Agent Suspension",
     "requirement_id": "Content filters — per-request blocking (no agent suspension)",
     "fit": "adjacent"
    }
   ],
   "source_refs": [
    {
     "domain": "agentic",
     "control": "AA-01",
     "name": "Agent Identity Presentation at Tool Invocation",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-02",
     "name": "API Key and Bearer Token Lifecycle Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-03",
     "name": "mTLS and Certificate-Based Agent Authentication",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-04",
     "name": "Workload Identity for Agent Processes",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-05",
     "name": "Session Token Binding and Anti-Replay Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-06",
     "name": "Cross-System Authentication Chaining",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-07",
     "name": "Authentication Failure Monitoring and Alerting",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-08",
     "name": "Agent Authentication Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-01",
     "name": "Authorized Action Scope Manifest",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-02",
     "name": "Tool-Call Authorization Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-03",
     "name": "Action Reversibility Classification and Gates",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-04",
     "name": "Output Policy Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-05",
     "name": "Prompt Injection Detection and Defense",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-06",
     "name": "Rate Limiting and Resource Budget Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-07",
     "name": "Behavioral Drift Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-08",
     "name": "BehavioralAttestation Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-01",
     "name": "Tool and Plugin Registry",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-02",
     "name": "Tool Permission Scoping",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-03",
     "name": "Tool Input Validation and Schema Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-04",
     "name": "Tool Output Sanitization and Integrity Verification",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-05",
     "name": "Dangerous and Irreversible Tool Access Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-06",
     "name": "Third-Party Plugin Vetting and Sandboxing",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-07",
     "name": "Tool Usage Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-02",
     "name": "Sub-Agent Authorization and Capability Delegation",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-01",
     "name": "Behavioral Telemetry Collection Baseline",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-02",
     "name": "Anomalous Action Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-03",
     "name": "Goal Drift and Intent Deviation Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-04",
     "name": "Resource Consumption Anomaly Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-05",
     "name": "Multi-Agent Communication Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-07",
     "name": "Real-Time Alerting and Automated Agent Suspension",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "agentic": 15
   },
   "title": "Amazon Bedrock Guardrails",
   "total": 45
  },
  {
   "source_id": "iso_30401",
   "framework_refs": [
    {
     "domain": "knowledge",
     "control": "KS-01",
     "name": "Knowledge Source Authorization Register",
     "requirement_id": "§4.4.2",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KS-02",
     "name": "Source Authority Classification",
     "requirement_id": "Clause 8",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KS-03",
     "name": "Source Currency and Maximum Age Policy",
     "requirement_id": "§7.5.3",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KS-05",
     "name": "Competing Source Conflict Resolution",
     "requirement_id": "§4.4.2",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KS-08",
     "name": "Knowledge Sources Evidence Package",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KI-01",
     "name": "Ingestion Pipeline Authorization",
     "requirement_id": "§4.4.2",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KI-05",
     "name": "Copyright and License Compliance at Ingestion",
     "requirement_id": "§4.4.2",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KI-06",
     "name": "Pre-Ingestion Content Quality Gates",
     "requirement_id": "§4.4.2",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KR-01",
     "name": "Retrieval Relevance Quality Standards",
     "requirement_id": "Clause 8",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KR-03",
     "name": "Citation Fidelity and Accuracy Enforcement",
     "requirement_id": "§7.5",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KR-08",
     "name": "Knowledge Retrieval Evidence Package",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-01",
     "name": "Knowledge Staleness Classification Policy",
     "requirement_id": "§4.4.2",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-03",
     "name": "Knowledge Refresh Scheduling and Execution",
     "requirement_id": "§4.4.2",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-06",
     "name": "Domain-Specific Currency Requirements",
     "requirement_id": "§6.1",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-07",
     "name": "Emergency Knowledge Update Procedures",
     "requirement_id": "§10.1",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-08",
     "name": "Knowledge Currency Evidence Package",
     "requirement_id": "§9.3",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-01",
     "name": "Knowledge Asset Lifecycle Governance",
     "requirement_id": "Clause 8",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-02",
     "name": "Knowledge Base Segmentation and Access Control",
     "requirement_id": "§4.4.3",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-03",
     "name": "Knowledge Versioning and Change History",
     "requirement_id": "§4.4.2",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-06",
     "name": "Knowledge Impact Assessment Before Major Changes",
     "requirement_id": "Clause 8",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-07",
     "name": "Knowledge Base Performance and Quality Metrics",
     "requirement_id": "§9.1 — Performance Evaluation",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-08",
     "name": "Knowledge Management Evidence Package",
     "requirement_id": "§9.3 — Management Review",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-01",
     "name": "Knowledge Governance Structure",
     "requirement_id": "§5.3",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-02",
     "name": "AI Knowledge Substrate Policy Framework",
     "requirement_id": "Clause 8 — Operation",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-03",
     "name": "Senior Accountability for Knowledge Quality and Safety",
     "requirement_id": "§5.1 — Leadership and commitment",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-06",
     "name": "Knowledge Incident Response",
     "requirement_id": "§10.1 — Nonconformity and corrective action",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-07",
     "name": "Knowledge Program Metrics and Effectiveness Reporting",
     "requirement_id": "§9.1 — Monitoring and evaluation",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-08",
     "name": "KnowledgeAttestation Production",
     "requirement_id": "§9.2–9.3 — Internal audit and review",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "knowledge",
     "control": "KS-03",
     "name": "Source Currency and Maximum Age Policy",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KI-01",
     "name": "Ingestion Pipeline Authorization",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KI-06",
     "name": "Pre-Ingestion Content Quality Gates",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KR-08",
     "name": "Knowledge Retrieval Evidence Package",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KC-01",
     "name": "Knowledge Staleness Classification Policy",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KC-06",
     "name": "Domain-Specific Currency Requirements",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KC-07",
     "name": "Emergency Knowledge Update Procedures",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KM-01",
     "name": "Knowledge Asset Lifecycle Governance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KM-08",
     "name": "Knowledge Management Evidence Package",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KG-01",
     "name": "Knowledge Governance Structure",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KG-02",
     "name": "AI Knowledge Substrate Policy Framework",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KG-03",
     "name": "Senior Accountability for Knowledge Quality and Safety",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KG-06",
     "name": "Knowledge Incident Response",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KG-07",
     "name": "Knowledge Program Metrics and Effectiveness Reporting",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KG-08",
     "name": "KnowledgeAttestation Production",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {
    "knowledge": 28
   },
   "title": "ISO 30401:2018",
   "total": 43
  },
  {
   "source_id": "databricks_unity_catalog_2024",
   "framework_refs": [
    {
     "domain": "knowledge",
     "control": "KS-04",
     "name": "Source Provenance Documentation",
     "requirement_id": "Data lineage and catalog metadata",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KI-04",
     "name": "Content Sensitivity Classification at Ingestion",
     "requirement_id": "Unity Catalog — Tags and Column-Level Security",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KR-05",
     "name": "Retrieval Permission Verification",
     "requirement_id": "Unity Catalog — fine-grained access control",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-03",
     "name": "Knowledge Refresh Scheduling and Execution",
     "requirement_id": "Unity Catalog — data lineage for ingestion jobs",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KC-04",
     "name": "Knowledge Version Control and Change History",
     "requirement_id": "Delta Lake — time travel and version history",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KM-03",
     "name": "Knowledge Versioning and Change History",
     "requirement_id": "Delta Lake time travel",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KM-06",
     "name": "Knowledge Impact Assessment Before Major Changes",
     "requirement_id": "Unity Catalog Data Lineage and Impact Analysis",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KG-05",
     "name": "External Knowledge Provider Governance",
     "requirement_id": "Unity Catalog — External Locations and Credentials",
     "fit": "adjacent"
    },
    {
     "domain": "data",
     "control": "DX-03",
     "name": "API Contract Governance for AI Data Exchange",
     "requirement_id": "Delta Sharing (open protocol)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-01",
     "name": "Data Integrity Baseline and Checksum Monitoring",
     "requirement_id": "Unity Catalog — Data Lineage and Auditing",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DI-03",
     "name": "Cross-System Data Consistency Validation",
     "requirement_id": "Lakeflow Declarative Pipelines (DLT) expectations",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DM-01",
     "name": "AI Data Asset Inventory and Cataloging",
     "requirement_id": "Unity Catalog",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DM-04",
     "name": "Master Data Management for AI Systems",
     "requirement_id": "Unity Catalog",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DM-06",
     "name": "Data Schema Governance and Breaking Change Control",
     "requirement_id": "Delta Lake schema enforcement and evolution",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DL-02",
     "name": "Training Data Lineage Documentation",
     "requirement_id": "Unity Catalog lineage",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-04",
     "name": "Transformation and Enrichment Lineage",
     "requirement_id": "Column-Level Lineage",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-07",
     "name": "Data Lineage Tooling Governance",
     "requirement_id": "Unity Catalog",
     "fit": "adjacent"
    },
    {
     "domain": "data",
     "control": "DV-01",
     "name": "Schema Validation for AI Inputs",
     "requirement_id": "Lakeflow Declarative Pipelines (DLT) expectations",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DV-03",
     "name": "Statistical Distribution Validation",
     "requirement_id": "Databricks Lakehouse Monitoring",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-06",
     "name": "Validation Pipeline Monitoring",
     "requirement_id": "Databricks Lakehouse Monitoring — Metric Tables",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-07",
     "name": "Data Validation Tooling Governance",
     "requirement_id": "Lakehouse Monitoring",
     "fit": "adjacent"
    }
   ],
   "source_refs": [
    {
     "domain": "knowledge",
     "control": "KS-04",
     "name": "Source Provenance Documentation",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KI-04",
     "name": "Content Sensitivity Classification at Ingestion",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KR-05",
     "name": "Retrieval Permission Verification",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KC-03",
     "name": "Knowledge Refresh Scheduling and Execution",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KC-04",
     "name": "Knowledge Version Control and Change History",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KM-03",
     "name": "Knowledge Versioning and Change History",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KM-06",
     "name": "Knowledge Impact Assessment Before Major Changes",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KG-05",
     "name": "External Knowledge Provider Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DX-03",
     "name": "API Contract Governance for AI Data Exchange",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DI-01",
     "name": "Data Integrity Baseline and Checksum Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DI-03",
     "name": "Cross-System Data Consistency Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DM-01",
     "name": "AI Data Asset Inventory and Cataloging",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DM-04",
     "name": "Master Data Management for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DM-06",
     "name": "Data Schema Governance and Breaking Change Control",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DL-02",
     "name": "Training Data Lineage Documentation",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DL-04",
     "name": "Transformation and Enrichment Lineage",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DL-07",
     "name": "Data Lineage Tooling Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DV-01",
     "name": "Schema Validation for AI Inputs",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DV-03",
     "name": "Statistical Distribution Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DV-06",
     "name": "Validation Pipeline Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DV-07",
     "name": "Data Validation Tooling Governance",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "knowledge": 8,
    "data": 13
   },
   "title": "Databricks Unity Catalog",
   "total": 42
  },
  {
   "source_id": "salesforce_einstein_trust_layer_2024",
   "framework_refs": [
    {
     "domain": "agentic",
     "control": "AA-01",
     "name": "Agent Identity Presentation at Tool Invocation",
     "requirement_id": "Audit trail",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AA-06",
     "name": "Cross-System Authentication Chaining",
     "requirement_id": "Audit trail",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AA-07",
     "name": "Authentication Failure Monitoring and Alerting",
     "requirement_id": "Audit trail",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AA-08",
     "name": "Agent Authentication Evidence Package",
     "requirement_id": "Audit trail",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-01",
     "name": "Authorized Action Scope Manifest",
     "requirement_id": "Audit trail",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-02",
     "name": "Tool-Call Authorization Policy",
     "requirement_id": "Audit trail",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-03",
     "name": "Action Reversibility Classification and Gates",
     "requirement_id": "Secure data retrieval and dynamic grounding",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-04",
     "name": "Output Policy Enforcement",
     "requirement_id": "Data masking",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-05",
     "name": "Prompt Injection Detection and Defense",
     "requirement_id": "Prompt defense",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AB-07",
     "name": "Behavioral Drift Monitoring",
     "requirement_id": "Audit trail and toxicity detection",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-08",
     "name": "BehavioralAttestation Production",
     "requirement_id": "Audit trail",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AT-04",
     "name": "Tool Output Sanitization and Integrity Verification",
     "requirement_id": "Secure data retrieval, dynamic grounding, and toxicity detection",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AT-07",
     "name": "Tool Usage Audit Trail",
     "requirement_id": "Audit trail",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AO-07",
     "name": "Orchestration Audit Trail",
     "requirement_id": "Audit trail",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AM-01",
     "name": "Behavioral Telemetry Collection Baseline",
     "requirement_id": "Audit trail",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AM-02",
     "name": "Anomalous Action Detection",
     "requirement_id": "Toxicity detection — output scoring",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AM-03",
     "name": "Goal Drift and Intent Deviation Detection",
     "requirement_id": "Secure data retrieval and dynamic grounding",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AM-06",
     "name": "Monitoring Log Integrity",
     "requirement_id": "Audit trail",
     "fit": "adjacent"
    }
   ],
   "source_refs": [
    {
     "domain": "agentic",
     "control": "AA-01",
     "name": "Agent Identity Presentation at Tool Invocation",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-04",
     "name": "Workload Identity for Agent Processes",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-06",
     "name": "Cross-System Authentication Chaining",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-07",
     "name": "Authentication Failure Monitoring and Alerting",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AA-08",
     "name": "Agent Authentication Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-01",
     "name": "Authorized Action Scope Manifest",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-02",
     "name": "Tool-Call Authorization Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-03",
     "name": "Action Reversibility Classification and Gates",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-04",
     "name": "Output Policy Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-05",
     "name": "Prompt Injection Detection and Defense",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-06",
     "name": "Rate Limiting and Resource Budget Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-07",
     "name": "Behavioral Drift Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-08",
     "name": "BehavioralAttestation Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-04",
     "name": "Tool Output Sanitization and Integrity Verification",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-06",
     "name": "Third-Party Plugin Vetting and Sandboxing",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AT-07",
     "name": "Tool Usage Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-07",
     "name": "Orchestration Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AO-08",
     "name": "Orchestration Governance Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-01",
     "name": "Behavioral Telemetry Collection Baseline",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-02",
     "name": "Anomalous Action Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-03",
     "name": "Goal Drift and Intent Deviation Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AM-06",
     "name": "Monitoring Log Integrity",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "agentic": 18
   },
   "title": "Salesforce Einstein Trust Layer",
   "total": 40
  },
  {
   "source_id": "ibm_ai_fairness_360_2021",
   "framework_refs": [
    {
     "domain": "ethics",
     "control": "EF-02",
     "name": "Values-to-Design Mapping",
     "requirement_id": "Fairness metrics (demographic parity difference, equalized odds difference)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-04",
     "name": "Ethics Impact Assessment Framework",
     "requirement_id": "Fairness metrics (~70 dataset- and model-level metrics)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-06",
     "name": "Ethics-by-Design Integration in Development Lifecycle",
     "requirement_id": "Bias mitigation algorithms and pipeline-stage metric checks",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FA-01",
     "name": "Protected Characteristic Identification and Scope",
     "requirement_id": "Protected attribute specification (privileged/unprivileged groups)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-02",
     "name": "Algorithmic Bias Impact Assessment",
     "requirement_id": "Dataset and classifier fairness metrics",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-03",
     "name": "Fairness Metric Selection and Justification",
     "requirement_id": "Fairness metric taxonomy (~70 metrics)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-06",
     "name": "Disparate Impact Analysis",
     "requirement_id": "Disparate impact metric (four-fifths rule)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-01",
     "name": "Explainability Method Selection and Justification",
     "requirement_id": "Bias metric selection (metric matched to task and fairness definition)",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "XP-04",
     "name": "Adverse Action Notice and Explanation (ECOA/Reg B, FCRA)",
     "requirement_id": "Disparate impact metric",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-05",
     "name": "Model Card and System Card Transparency Disclosure",
     "requirement_id": "Fairness metrics (demographic parity, equalized odds, disparate impact)",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "HI-03",
     "name": "Vulnerable Population Protection",
     "requirement_id": "Subgroup fairness metrics and bias mitigation algorithms",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-01",
     "name": "Production Fairness Monitoring Program",
     "requirement_id": "Fairness metric computation (batch, schedulable on production samples)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-02",
     "name": "Disparate Outcome Threshold Governance",
     "requirement_id": "Demographic parity difference and equalized odds difference metrics",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-03",
     "name": "Statistical Parity and Equalized Odds Monitoring",
     "requirement_id": "Fairness metric suite (demographic parity difference, equalized odds difference, disparate impact ratio)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-05",
     "name": "Fairness Incident Response Program",
     "requirement_id": "Bias mitigation algorithms (reweighing, adversarial debiasing, calibrated equalized odds postprocessing)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-06",
     "name": "AI Performance Divergence by Demographic Group",
     "requirement_id": "Disaggregated (subgroup) performance metrics",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-04",
     "name": "Ethics Training and Capability Building",
     "requirement_id": "Fairness metrics and mitigation algorithms (training curriculum)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-05",
     "name": "Third-Party AI Provider Ethics Accountability",
     "requirement_id": "Fairness metrics (vendor due-diligence benchmark)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-07",
     "name": "Ethics Program Metrics and Effectiveness Measurement",
     "requirement_id": "Fairness metrics (quantitative outcome indicators)",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "ethics",
     "control": "EF-02",
     "name": "Values-to-Design Mapping",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-04",
     "name": "Ethics Impact Assessment Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-06",
     "name": "Ethics-by-Design Integration in Development Lifecycle",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FA-01",
     "name": "Protected Characteristic Identification and Scope",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FA-02",
     "name": "Algorithmic Bias Impact Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FA-03",
     "name": "Fairness Metric Selection and Justification",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FA-06",
     "name": "Disparate Impact Analysis",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-01",
     "name": "Explainability Method Selection and Justification",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-04",
     "name": "Adverse Action Notice and Explanation (ECOA/Reg B, FCRA)",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-05",
     "name": "Model Card and System Card Transparency Disclosure",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "HI-03",
     "name": "Vulnerable Population Protection",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-01",
     "name": "Production Fairness Monitoring Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-02",
     "name": "Disparate Outcome Threshold Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-03",
     "name": "Statistical Parity and Equalized Odds Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-05",
     "name": "Fairness Incident Response Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-06",
     "name": "AI Performance Divergence by Demographic Group",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-04",
     "name": "Ethics Training and Capability Building",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-05",
     "name": "Third-Party AI Provider Ethics Accountability",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-07",
     "name": "Ethics Program Metrics and Effectiveness Measurement",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "ethics": 19
   },
   "title": "IBM AI Fairness 360 (AIF360)",
   "total": 38
  },
  {
   "source_id": "meta_llama_responsible_use_2024",
   "framework_refs": [
    {
     "domain": "ethics",
     "control": "EF-03",
     "name": "Ethical Risk Appetite Definition",
     "requirement_id": "Llama Acceptable Use Policy (separate document)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-04",
     "name": "Ethics Impact Assessment Framework",
     "requirement_id": "Model-level alignment — Evaluate and improve performance; Red teaming",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-05",
     "name": "EU AI Act Prohibited Practices Governance (Art. 5)",
     "requirement_id": "Llama Acceptable Use Policy (separate document)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EF-06",
     "name": "Ethics-by-Design Integration in Development Lifecycle",
     "requirement_id": "Responsible LLM product development stages; Model-level alignment — Evaluate and improve performance",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-05",
     "name": "Model Card and System Card Transparency Disclosure",
     "requirement_id": "Build transparency and reporting mechanisms",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-02",
     "name": "Human Dignity and Autonomy Preservation",
     "requirement_id": "Llama Acceptable Use Policy (separate document)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-03",
     "name": "Vulnerable Population Protection",
     "requirement_id": "Responsible AI considerations (fairness and inclusion)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-06",
     "name": "Consent and Agency Preservation for AI Interactions",
     "requirement_id": "Llama Acceptable Use Policy (separate document); Build transparency and reporting mechanisms",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-07",
     "name": "Child and Minors Safety Controls",
     "requirement_id": "Llama Acceptable Use Policy (separate document) — prohibitions on harm to minors",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-01",
     "name": "Production Fairness Monitoring Program",
     "requirement_id": "System-level alignment — input/output mitigations; Llama Acceptable Use Policy (separate document)",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "FM-02",
     "name": "Disparate Outcome Threshold Governance",
     "requirement_id": "Llama Acceptable Use Policy (separate document) — prohibited discrimination",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "FM-03",
     "name": "Statistical Parity and Equalized Odds Monitoring",
     "requirement_id": "Model-level alignment — Evaluate and improve performance; Red teaming",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-05",
     "name": "Fairness Incident Response Program",
     "requirement_id": "Build transparency and reporting mechanisms; Llama Acceptable Use Policy (separate document)",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "FM-06",
     "name": "AI Performance Divergence by Demographic Group",
     "requirement_id": "Model-level alignment — Evaluate and improve performance",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-08",
     "name": "Fairness Monitoring Evidence Package",
     "requirement_id": "Build transparency and reporting mechanisms",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "EG-02",
     "name": "AI Ethics Policy Framework",
     "requirement_id": "Llama Acceptable Use Policy (separate document)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-05",
     "name": "Third-Party AI Provider Ethics Accountability",
     "requirement_id": "Responsible Use Guide (provider guidance); Llama Acceptable Use Policy (separate document)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-06",
     "name": "Ethics Incident Response",
     "requirement_id": "Build transparency and reporting mechanisms",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-08",
     "name": "EthicsAttestation Production",
     "requirement_id": "Build transparency and reporting mechanisms",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "ethics",
     "control": "EF-03",
     "name": "Ethical Risk Appetite Definition",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-04",
     "name": "Ethics Impact Assessment Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-05",
     "name": "EU AI Act Prohibited Practices Governance (Art. 5)",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EF-06",
     "name": "Ethics-by-Design Integration in Development Lifecycle",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "XP-05",
     "name": "Model Card and System Card Transparency Disclosure",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "HI-02",
     "name": "Human Dignity and Autonomy Preservation",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "HI-03",
     "name": "Vulnerable Population Protection",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "HI-06",
     "name": "Consent and Agency Preservation for AI Interactions",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "HI-07",
     "name": "Child and Minors Safety Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-01",
     "name": "Production Fairness Monitoring Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-02",
     "name": "Disparate Outcome Threshold Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-03",
     "name": "Statistical Parity and Equalized Odds Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-05",
     "name": "Fairness Incident Response Program",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-06",
     "name": "AI Performance Divergence by Demographic Group",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "FM-08",
     "name": "Fairness Monitoring Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-02",
     "name": "AI Ethics Policy Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-05",
     "name": "Third-Party AI Provider Ethics Accountability",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-06",
     "name": "Ethics Incident Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "ethics",
     "control": "EG-08",
     "name": "EthicsAttestation Production",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "ethics": 19
   },
   "title": "Meta Llama Responsible Use Guide",
   "total": 38
  },
  {
   "source_id": "nist_pf",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "privacy",
     "control": "DC-01",
     "name": "Personal Data Inventory",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "DC-04",
     "name": "Consent Signal Validation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "DC-06",
     "name": "Data Purpose Limitation Mapping",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "DC-08",
     "name": "Consent Change Propagation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "DC-09",
     "name": "Data Collection Layer Evidence Package",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "DG-01",
     "name": "Data Processing Register",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "DG-03",
     "name": "International Transfer Mechanism Registry",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "DG-08",
     "name": "Governance Evidence Archive",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "DS-02",
     "name": "Identity Verification for Rights Requests",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "DS-06",
     "name": "Portability and Interoperability",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "DS-08",
     "name": "Rights Request Evidence Log",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "DP-01",
     "name": "Encryption at Rest and in Transit",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "DP-03",
     "name": "Data Minimization Enforcement",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "DP-04",
     "name": "Inference Scope Limitation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "DP-05",
     "name": "Output PII Scrubbing",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "DP-06",
     "name": "Synthetic Data Governance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "DP-07",
     "name": "AI Telemetry Data Controls",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "DP-08",
     "name": "Data Protection Evidence Log",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "PM-01",
     "name": "Privacy Incident Detection",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "PM-02",
     "name": "Cross-Context Inference Monitoring",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "PM-03",
     "name": "Purpose Creep Detection",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "PM-04",
     "name": "Consent State Consistency Monitoring",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "PM-05",
     "name": "Inference Log Monitoring",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "PM-07",
     "name": "Third-Party Privacy Monitoring",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "PM-08",
     "name": "Privacy Monitoring Evidence Archive",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "PC-02",
     "name": "Privacy Certification Program",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "PC-04",
     "name": "Privacy Program Effectiveness Assessment",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "privacy",
     "control": "PC-05",
     "name": "Privacy-by-Design Certification",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "data",
     "control": "DX-02",
     "name": "Inter-System Data Transfer Authorization",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "data",
     "control": "DM-03",
     "name": "Data Retention and Disposal Governance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "data",
     "control": "DL-03",
     "name": "Inference-Time Data Lineage (Per-Decision Provenance)",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "data",
     "control": "DL-06",
     "name": "Data Lineage for Regulatory and Legal Purposes",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "data",
     "control": "DA-02",
     "name": "Data Minimization Implementation for AI",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "data",
     "control": "DA-06",
     "name": "Cross-Border Data Access Jurisdiction Controls",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "data",
     "control": "DA-07",
     "name": "Emergency AI Data Access Procedures",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "data",
     "control": "DA-08",
     "name": "Data Access Evidence Package",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "NIST Privacy Framework 1.0",
   "total": 36
  },
  {
   "source_id": "iso_22301",
   "framework_refs": [
    {
     "domain": "resilience",
     "control": "RV-01",
     "name": "AI System RTO/RPO Definition and Validation",
     "requirement_id": "§8.2.2",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-02",
     "name": "Resilience Control Verification Testing",
     "requirement_id": "§8.5",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-04",
     "name": "Recovery Capability Verification After Actual Incident",
     "requirement_id": "§10.1",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-05",
     "name": "Third-Party AI Dependency Resilience Assessment",
     "requirement_id": "§8.2.3",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-06",
     "name": "Multi-Region and Multi-AZ Resilience Verification",
     "requirement_id": "§8.4.5",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RV-07",
     "name": "Degraded-Mode AI Operation Testing",
     "requirement_id": "§8.4.5",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RV-08",
     "name": "Resilience Verification Evidence Package",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-01",
     "name": "AI-Specific Business Continuity Plan",
     "requirement_id": "§8.2.2",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-02",
     "name": "AI System Disaster Recovery Plan",
     "requirement_id": "§8.4",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-04",
     "name": "RAG Index and Knowledge Base Recovery Plan",
     "requirement_id": "§8.4",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-05",
     "name": "Recovery Priority Classification for AI Systems",
     "requirement_id": "§8.2.2",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-06",
     "name": "Third-Party AI Provider Outage Response Plan",
     "requirement_id": "§8.3.4",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-07",
     "name": "Recovery Plan Testing and Tabletop Exercises",
     "requirement_id": "§8.5",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-08",
     "name": "Recovery Planning Evidence Package",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-01",
     "name": "AI System Failover Execution Procedures",
     "requirement_id": "§8.4.2",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-03",
     "name": "Data Recovery and Integrity Verification Post-Incident",
     "requirement_id": "§8.4.5",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-04",
     "name": "Recovery Operations Communication Protocol",
     "requirement_id": "§8.4.3",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-05",
     "name": "Pre-Restoration Validation Before Traffic Resumption",
     "requirement_id": "§8.4.5",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-06",
     "name": "Recovery Operations Audit Trail",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-07",
     "name": "Recovery Time Compliance Verification",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-08",
     "name": "Recovery Operations Evidence Package",
     "requirement_id": "§9.2",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "FO-03",
     "name": "Fallback Behavior Governance",
     "requirement_id": "§8.4.4",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "FO-07",
     "name": "Fault Tolerance Test Coverage",
     "requirement_id": "§8.5 — Business Continuity Exercises",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "FO-08",
     "name": "Fault Tolerance Evidence Package",
     "requirement_id": "§9.1 — Monitoring, Measurement, Analysis and Evaluation",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-02",
     "name": "Stateless Agent Design and Session Recovery",
     "requirement_id": "§8.4.4",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RE-03",
     "name": "Data Redundancy and Backup Governance",
     "requirement_id": "§8.4.5",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-06",
     "name": "DORA Compliance Architecture for AI Systems",
     "requirement_id": "§8.4",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RE-08",
     "name": "Resilience Engineering Evidence Package",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-01",
     "name": "Resilience Governance Structure",
     "requirement_id": "§5.1",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-02",
     "name": "Resilience Policy Framework",
     "requirement_id": "§6.2",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-03",
     "name": "Senior Accountability for AI Operational Resilience",
     "requirement_id": "§5.3",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-04",
     "name": "Resilience Risk Appetite and Threshold Setting",
     "requirement_id": "§8.2.2",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-05",
     "name": "Resilience Program Resourcing",
     "requirement_id": "§7.1",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-06",
     "name": "Resilience Incident Response Integration",
     "requirement_id": "§8.4.5",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-07",
     "name": "Resilience Program Metrics and Board Reporting",
     "requirement_id": "§9.1",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-08",
     "name": "ResilienceAttestation Production",
     "requirement_id": "§9.2",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "resilience": 36
   },
   "title": "ISO 22301:2019",
   "total": 36
  },
  {
   "source_id": "okta_authz_server_2025",
   "framework_refs": [
    {
     "domain": "authority",
     "control": "PV-04",
     "name": "Authorized Knowledge Source Registry",
     "requirement_id": "Okta Fine-Grained Authorization — Knowledge Resource Access Scopes",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PV-08",
     "name": "Principal Intent vs. Agent Behavior Alignment",
     "requirement_id": "Okta for AI Agents — Scoped Token Authorization",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-01",
     "name": "Delegation of Authority Integration",
     "requirement_id": "Okta Authorization Server — OAuth 2.0 Delegation Constraints",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-02",
     "name": "Approval Limit Enforcement",
     "requirement_id": "Okta Authorization Server — Time-Bounded Approval-Scoped Tokens",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-03",
     "name": "Escalation Gate Design and Testing",
     "requirement_id": "Okta Workflows — Automated Escalation Gate Enforcement",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-04",
     "name": "Principal Accountability Binding",
     "requirement_id": "Okta Identity Tokens — Principal Identity Binding for AI Agents",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-05",
     "name": "Multi-Party Approval Workflow",
     "requirement_id": "Okta Workflows — Multi-Party Token Approval Chains",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-06",
     "name": "Emergency Override and Break-Glass",
     "requirement_id": "Okta Privileged Access + Okta Workflows — Emergency Override Governance",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-07",
     "name": "Approval Record and Audit Trail",
     "requirement_id": "Okta System Log — Non-Repudiable Authorization Decision Records",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PA-08",
     "name": "Authority Scope Change Notification",
     "requirement_id": "Okta Event Hooks — Authorization Policy Change Notifications",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-02",
     "name": "AI-Initiated Commitment Controls",
     "requirement_id": "Okta Authorization Server — Commitment-Scoped Token Restrictions",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PR-08",
     "name": "Procurement Audit Trail",
     "requirement_id": "Okta System Log — Identity-Mediated Procurement Authorization Records",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-01",
     "name": "Policy Adherence Monitoring",
     "requirement_id": "Okta System Log — Authorization Policy Adherence Monitoring",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-02",
     "name": "Authority Limit Monitoring",
     "requirement_id": "Okta System Log + Identity Governance Reports — Authority Limit Anomaly Detection",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PG-06",
     "name": "Operating Intent Drift Detection",
     "requirement_id": "Okta Behavior Detection + System Log — Sign-In Anomaly Signals for Intent Drift",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PE-03",
     "name": "Internal Audit Support Package",
     "requirement_id": "Okta System Log Compliance Reports — Authorization Audit Evidence",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-05",
     "name": "Contract Audit Trail",
     "requirement_id": "Okta System Log — Non-Repudiable Contract Authorization Evidence",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-08",
     "name": "Policy Attestation",
     "requirement_id": "Okta Authorization Server — Signed Token Claims as Authorization Evidence",
     "fit": "adjacent"
    }
   ],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PV-04",
     "name": "Authorized Knowledge Source Registry",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PV-08",
     "name": "Principal Intent vs. Agent Behavior Alignment",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-01",
     "name": "Delegation of Authority Integration",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-02",
     "name": "Approval Limit Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-03",
     "name": "Escalation Gate Design and Testing",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-04",
     "name": "Principal Accountability Binding",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-05",
     "name": "Multi-Party Approval Workflow",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-06",
     "name": "Emergency Override and Break-Glass",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-07",
     "name": "Approval Record and Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PA-08",
     "name": "Authority Scope Change Notification",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-02",
     "name": "AI-Initiated Commitment Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-08",
     "name": "Procurement Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-01",
     "name": "Policy Adherence Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-02",
     "name": "Authority Limit Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PG-06",
     "name": "Operating Intent Drift Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-03",
     "name": "Internal Audit Support Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-05",
     "name": "Contract Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PE-08",
     "name": "Policy Attestation",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "authority": 18
   },
   "title": "Okta Authorization Servers & Fine-Grained Authorization",
   "total": 36
  },
  {
   "source_id": "coso_icfr",
   "framework_refs": [
    {
     "domain": "finance",
     "control": "MR-01",
     "name": "SR 26-2 Model Inventory and Risk Tiering",
     "requirement_id": "Component 2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-02",
     "name": "Model Risk Governance Policy Framework",
     "requirement_id": "Component 1",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-03",
     "name": "Pre-Deployment Model Risk Assessment",
     "requirement_id": "Component 2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-04",
     "name": "Model Risk Appetite and Material Model Thresholds",
     "requirement_id": "Component 2",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MR-07",
     "name": "Emerging Model Risk Identification",
     "requirement_id": "Component 2",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MV-01",
     "name": "Independent Validation Function Charter",
     "requirement_id": "Principle 3",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-02",
     "name": "Conceptual Soundness Assessment",
     "requirement_id": "Principle 10",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MV-04",
     "name": "Benchmarking and Challenger Models",
     "requirement_id": "Principle 16",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MV-05",
     "name": "Validation Frequency and Trigger-Based Review",
     "requirement_id": "Principle 16",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-07",
     "name": "Validation Finding Escalation and Remediation",
     "requirement_id": "Principle 17",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FD-01",
     "name": "AI-Driven Decision Transparency and Auditability",
     "requirement_id": "Component 3 — Control Activities",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FD-02",
     "name": "ECOA/Reg B Adverse Action Notice for AI Decisions",
     "requirement_id": "Component 2 — Risk Assessment",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FD-03",
     "name": "Fair Lending AI Explainability",
     "requirement_id": "Component 5 — Monitoring Activities",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-05",
     "name": "Financial Consumer Notification and Rights",
     "requirement_id": "Component 1 — Control Environment",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FD-06",
     "name": "AI System Disclosure in Financial Filings",
     "requirement_id": "Component 5 — Monitoring Activities",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FD-07",
     "name": "Model Transparency Dashboard for Senior Management",
     "requirement_id": "Component 5 — Monitoring Activities",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FD-08",
     "name": "Financial Disclosure Evidence Package",
     "requirement_id": "Component 5 — Monitoring Activities",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-01",
     "name": "SOX 302/404 Controls over AI-Generated Financial Data",
     "requirement_id": "Principles 10-12",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-02",
     "name": "AI-Generated Output Materiality Assessment",
     "requirement_id": "Principle 6",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-03",
     "name": "Reconciliation Controls for AI-Influenced Financial Outputs",
     "requirement_id": "Principles 10-11",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-04",
     "name": "Change Management Controls for Financial AI Systems",
     "requirement_id": "Principle 12",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-05",
     "name": "Access Controls for Financial AI Systems",
     "requirement_id": "Principle 11",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-06",
     "name": "AI Operational Error and Financial Exception Management",
     "requirement_id": "Principles 16-17",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-08",
     "name": "Financial Controls Evidence Package",
     "requirement_id": "Principle 17",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FP-01",
     "name": "AI Use Policy for Financial Decision-Making",
     "requirement_id": "Principle 12",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FP-03",
     "name": "Financial AI Risk Appetite Statement",
     "requirement_id": "Principle 6",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FP-06",
     "name": "Financial AI Change Control Policy",
     "requirement_id": "Principle 12",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FP-07",
     "name": "AI Exception and Escalation Policy",
     "requirement_id": "Principle 14",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FP-08",
     "name": "Financial Policy Evidence Package",
     "requirement_id": "Principle 17",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-01",
     "name": "Finance AI Governance Structure",
     "requirement_id": "Principle 2 — Control Environment",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-02",
     "name": "Senior and Named Accountability for Financial AI Decisions",
     "requirement_id": "Principle 3",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-03",
     "name": "Board-Level Oversight of Financial AI Risk",
     "requirement_id": "Principle 2",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-06",
     "name": "Financial AI Program Metrics and Board Reporting",
     "requirement_id": "Principle 16",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-07",
     "name": "Annual AI Governance Review",
     "requirement_id": "Principle 17",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-08",
     "name": "FinanceAttestation Production",
     "requirement_id": "Principle 16",
     "fit": "adjacent"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "finance": 35
   },
   "title": "COSO ICFR 2013",
   "total": 35
  },
  {
   "source_id": "sox",
   "framework_refs": [
    {
     "domain": "finance",
     "control": "MR-01",
     "name": "SR 26-2 Model Inventory and Risk Tiering",
     "requirement_id": "§404",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MR-02",
     "name": "Model Risk Governance Policy Framework",
     "requirement_id": "§302",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MR-04",
     "name": "Model Risk Appetite and Material Model Thresholds",
     "requirement_id": "§404",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MR-08",
     "name": "Model Risk Evidence Package",
     "requirement_id": "§404(b)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MV-01",
     "name": "Independent Validation Function Charter",
     "requirement_id": "§404",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-03",
     "name": "Outcome Analysis and Backtesting",
     "requirement_id": "§302",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-07",
     "name": "Validation Finding Escalation and Remediation",
     "requirement_id": "§302 & §404",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MV-08",
     "name": "Model Validation Evidence Package",
     "requirement_id": "§302 & §404",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FD-01",
     "name": "AI-Driven Decision Transparency and Auditability",
     "requirement_id": "Section 302",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FD-04",
     "name": "Model Output Disclosure to Financial Regulators",
     "requirement_id": "Section 404",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-06",
     "name": "AI System Disclosure in Financial Filings",
     "requirement_id": "Section 302 & 404",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FD-07",
     "name": "Model Transparency Dashboard for Senior Management",
     "requirement_id": "Section 302",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FD-08",
     "name": "Financial Disclosure Evidence Package",
     "requirement_id": "Section 302 & 404",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-01",
     "name": "SOX 302/404 Controls over AI-Generated Financial Data",
     "requirement_id": "§302, §404",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-02",
     "name": "AI-Generated Output Materiality Assessment",
     "requirement_id": "§302(a)(4)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-03",
     "name": "Reconciliation Controls for AI-Influenced Financial Outputs",
     "requirement_id": "§404(a)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-04",
     "name": "Change Management Controls for Financial AI Systems",
     "requirement_id": "§404(b)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-05",
     "name": "Access Controls for Financial AI Systems",
     "requirement_id": "§404",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-06",
     "name": "AI Operational Error and Financial Exception Management",
     "requirement_id": "§302(a)(5)",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-07",
     "name": "Financial Data Integrity Monitoring",
     "requirement_id": "§404",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-08",
     "name": "Financial Controls Evidence Package",
     "requirement_id": "§302, §404",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FP-01",
     "name": "AI Use Policy for Financial Decision-Making",
     "requirement_id": "Section 302 & 404",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FP-02",
     "name": "Prohibited AI Use Cases in Financial Services",
     "requirement_id": "Section 404",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-03",
     "name": "Financial AI Risk Appetite Statement",
     "requirement_id": "Section 302",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-04",
     "name": "AI Procurement and Vendor Management Policy for Finance",
     "requirement_id": "Section 404",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-06",
     "name": "Financial AI Change Control Policy",
     "requirement_id": "Section 404",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FP-07",
     "name": "AI Exception and Escalation Policy",
     "requirement_id": "Section 302",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-08",
     "name": "Financial Policy Evidence Package",
     "requirement_id": "Section 404",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-01",
     "name": "Finance AI Governance Structure",
     "requirement_id": "§404",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-02",
     "name": "Senior and Named Accountability for Financial AI Decisions",
     "requirement_id": "§302",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-03",
     "name": "Board-Level Oversight of Financial AI Risk",
     "requirement_id": "§301",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-05",
     "name": "Finance AI Incident Response Integration",
     "requirement_id": "§302",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-06",
     "name": "Financial AI Program Metrics and Board Reporting",
     "requirement_id": "§404",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-08",
     "name": "FinanceAttestation Production",
     "requirement_id": "§302 & §404",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PR-08",
     "name": "Procurement Audit Trail",
     "relationship": "normative_requirement"
    }
   ],
   "by_domain": {
    "finance": 34
   },
   "title": "Sarbanes-Oxley Act",
   "total": 35
  },
  {
   "source_id": "nist_800_34",
   "framework_refs": [
    {
     "domain": "resilience",
     "control": "RV-01",
     "name": "AI System RTO/RPO Definition and Validation",
     "requirement_id": "§3.2",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-02",
     "name": "Resilience Control Verification Testing",
     "requirement_id": "§3.5",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-04",
     "name": "Recovery Capability Verification After Actual Incident",
     "requirement_id": "§4.4",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-05",
     "name": "Third-Party AI Dependency Resilience Assessment",
     "requirement_id": "§3.5",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RV-08",
     "name": "Resilience Verification Evidence Package",
     "requirement_id": "§3.5",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-01",
     "name": "AI-Specific Business Continuity Plan",
     "requirement_id": "§3.1",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-02",
     "name": "AI System Disaster Recovery Plan",
     "requirement_id": "§3.4",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-03",
     "name": "Model Rollback and Previous Version Recovery Planning",
     "requirement_id": "§3.4",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-04",
     "name": "RAG Index and Knowledge Base Recovery Plan",
     "requirement_id": "§3.4",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-05",
     "name": "Recovery Priority Classification for AI Systems",
     "requirement_id": "§3.2",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-06",
     "name": "Third-Party AI Provider Outage Response Plan",
     "requirement_id": "§3.5",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-07",
     "name": "Recovery Plan Testing and Tabletop Exercises",
     "requirement_id": "§3.5",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-08",
     "name": "Recovery Planning Evidence Package",
     "requirement_id": "§3.6",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-01",
     "name": "AI System Failover Execution Procedures",
     "requirement_id": "§3.4.3",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-03",
     "name": "Data Recovery and Integrity Verification Post-Incident",
     "requirement_id": "§3.4.2",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-04",
     "name": "Recovery Operations Communication Protocol",
     "requirement_id": "§4.2.2",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-06",
     "name": "Recovery Operations Audit Trail",
     "requirement_id": "§3.5",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-07",
     "name": "Recovery Time Compliance Verification",
     "requirement_id": "§3.5",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-08",
     "name": "Recovery Operations Evidence Package",
     "requirement_id": "§3.5",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "FO-03",
     "name": "Fallback Behavior Governance",
     "requirement_id": "§3.5",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "FO-08",
     "name": "Fault Tolerance Evidence Package",
     "requirement_id": "§3.6",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RE-03",
     "name": "Data Redundancy and Backup Governance",
     "requirement_id": "§3.4",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-04",
     "name": "Infrastructure-as-Code for Reproducible Recovery",
     "requirement_id": "§3.3",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-06",
     "name": "DORA Compliance Architecture for AI Systems",
     "requirement_id": "§2.1",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RE-08",
     "name": "Resilience Engineering Evidence Package",
     "requirement_id": "§3.5",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-01",
     "name": "Resilience Governance Structure",
     "requirement_id": "§2.1",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-02",
     "name": "Resilience Policy Framework",
     "requirement_id": "§3.1",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-03",
     "name": "Senior Accountability for AI Operational Resilience",
     "requirement_id": "§2.1",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RG-04",
     "name": "Resilience Risk Appetite and Threshold Setting",
     "requirement_id": "§3.2",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-05",
     "name": "Resilience Program Resourcing",
     "requirement_id": "§2.2",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RG-06",
     "name": "Resilience Incident Response Integration",
     "requirement_id": "§4.2",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-07",
     "name": "Resilience Program Metrics and Board Reporting",
     "requirement_id": "§3.1",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RG-08",
     "name": "ResilienceAttestation Production",
     "requirement_id": "§3.5",
     "fit": "adjacent"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "resilience": 33
   },
   "title": "nist_800_34",
   "total": 33
  },
  {
   "source_id": "nist_ai_100_2",
   "framework_refs": [
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "requirement_id": "NISTAML.05",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-03",
     "name": "Verify skill/tool manifest integrity and sign the supply chain",
     "requirement_id": "NISTAML.05",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "PT-07",
     "name": "Verify tool descriptions for hidden instructions (description injection)",
     "requirement_id": "NISTAML.05",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "AS-02",
     "name": "Statically analyze agent skills and manifests in CI",
     "requirement_id": "NISTAML.05",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "AS-06",
     "name": "Verify model-weights and training-data provenance before load",
     "requirement_id": "NISTAML.05",
     "fit": "supporting"
    },
    {
     "domain": "security",
     "control": "AS-07",
     "name": "Verify a skill does what it declares (behavioral integrity)",
     "requirement_id": "NISTAML.05",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "LI-01",
     "name": "Unique Model Identity and Content-Addressed Version Hash",
     "requirement_id": "NISTAML.05",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "LI-02",
     "name": "Model Provenance Chain — Base Model, Fine-Tune, Merge, and Adapter Lineage",
     "requirement_id": "NISTAML.05",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "LI-03",
     "name": "Supply Chain Integrity — Third-Party Model Verification and Cryptographic...",
     "requirement_id": "NISTAML.05",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "LI-05",
     "name": "Training Data Lineage Pointer — Link from Model Registry to TG-Layer Dataset...",
     "requirement_id": "NISTAML.05",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "TG-04",
     "name": "Data Poisoning Prevention",
     "requirement_id": "NISTAML.013",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "TG-04",
     "name": "Data Poisoning Prevention",
     "requirement_id": "NISTAML.012",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-07",
     "name": "Third-Party Dataset Governance",
     "requirement_id": "NISTAML.05",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "EV-04",
     "name": "Adversarial Red-Team Testing",
     "requirement_id": "NISTAML.022",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "OA-06",
     "name": "Third-Party Model and Vendor Risk Oversight",
     "requirement_id": "NISTAML.05",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "BH-10",
     "name": "Feedback Loop Integrity and Online Learning Governance",
     "requirement_id": "NISTAML.023",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "EV-11",
     "name": "Backdoor and Trojan Detection Scanning",
     "requirement_id": "NISTAML.021",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "EV-11",
     "name": "Backdoor and Trojan Detection Scanning",
     "requirement_id": "NISTAML.023",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "EV-12",
     "name": "Model Inversion and Reconstruction Resistance",
     "requirement_id": "NISTAML.032",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "EV-13",
     "name": "Training-Data Memorization and Regurgitation Testing",
     "requirement_id": "NISTAML.037",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "EV-13",
     "name": "Training-Data Memorization and Regurgitation Testing",
     "requirement_id": "NISTAML.038",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DG-02",
     "name": "Data Processor Agreements",
     "requirement_id": "NISTAML.05",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "PM-07",
     "name": "Third-Party Privacy Monitoring",
     "requirement_id": "NISTAML.05",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DL-01",
     "name": "End-to-End Data Lineage Tracking",
     "requirement_id": "NISTAML.05",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DL-02",
     "name": "Training Data Lineage Documentation",
     "requirement_id": "NISTAML.05",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DL-04",
     "name": "Transformation and Enrichment Lineage",
     "requirement_id": "NISTAML.05",
     "fit": "supporting"
    }
   ],
   "source_refs": [
    {
     "domain": "security",
     "control": "RT-02",
     "name": "Detect direct and indirect prompt injection at every input and output",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "security",
     "control": "RT-06",
     "name": "Map AI-native threats, extend ATT&CK/ATLAS to agentic orchestration",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "BH-06",
     "name": "Injection-Resistance Evaluation in Production",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "EV-11",
     "name": "Backdoor and Trojan Detection Scanning",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "EV-12",
     "name": "Model Inversion and Reconstruction Resistance",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "EV-13",
     "name": "Training-Data Memorization and Regurgitation Testing",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {
    "security": 6,
    "model": 15,
    "privacy": 2,
    "data": 3
   },
   "title": "NIST AI 100-2e2025",
   "total": 32
  },
  {
   "source_id": "iso_24760",
   "framework_refs": [
    {
     "domain": "identity",
     "control": "II-05",
     "name": "Non-Human Identity Separation from Human Identity",
     "requirement_id": "§7.2",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "II-06",
     "name": "Accountable Owner Binding",
     "requirement_id": "ISO/IEC 24760-2:2015",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "II-08",
     "name": "Identity Registry Integrity and Tamper Evidence",
     "requirement_id": "ISO/IEC 24760-2:2015",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-06",
     "name": "Ghost Identity Detection and Remediation",
     "requirement_id": "§7",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "DE-06",
     "name": "Cross-Organizational Delegation Governance",
     "requirement_id": "ISO/IEC 24760-2:2015",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "DE-07",
     "name": "Delegation Audit Trail",
     "requirement_id": "ISO/IEC 24760-2:2015",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IF-08",
     "name": "Cross-Domain Identity Audit Reconciliation",
     "requirement_id": "ISO/IEC 24760-2:2015",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IM-05",
     "name": "Credential Sharing Detection",
     "requirement_id": "§8",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-06",
     "name": "Identity Event Log Integrity",
     "requirement_id": "ISO/IEC 24760-2:2015",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IM-08",
     "name": "Identity Incident Response",
     "requirement_id": "ISO/IEC 24760-2:2015",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IC-01",
     "name": "Identity Governance Structure",
     "requirement_id": "ISO/IEC 24760-2:2015",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IC-02",
     "name": "Identity Policy and Standards",
     "requirement_id": "ISO/IEC 24760-2:2015",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IC-05",
     "name": "Identity Compliance Mapping",
     "requirement_id": "ISO/IEC 24760-2:2015",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IC-07",
     "name": "Identity Program Metrics and KPIs",
     "requirement_id": "ISO/IEC 24760-2:2015",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "identity",
     "control": "II-05",
     "name": "Non-Human Identity Separation from Human Identity",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "II-06",
     "name": "Accountable Owner Binding",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "II-08",
     "name": "Identity Registry Integrity and Tamper Evidence",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-06",
     "name": "Ghost Identity Detection and Remediation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-08",
     "name": "Break-Glass Identity and Emergency Access",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "DE-06",
     "name": "Cross-Organizational Delegation Governance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "DE-07",
     "name": "Delegation Audit Trail",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IF-08",
     "name": "Cross-Domain Identity Audit Reconciliation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-05",
     "name": "Credential Sharing Detection",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-06",
     "name": "Identity Event Log Integrity",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-08",
     "name": "Identity Incident Response",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IC-01",
     "name": "Identity Governance Structure",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IC-02",
     "name": "Identity Policy and Standards",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IC-03",
     "name": "Identity Access Review",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IC-06",
     "name": "Third-Party Identity Provider Audit",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IC-07",
     "name": "Identity Program Metrics and KPIs",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IC-08",
     "name": "Identity Attestation Production",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {
    "identity": 14
   },
   "title": "ISO/IEC 24760 series",
   "total": 31
  },
  {
   "source_id": "oecd_ai_principles",
   "framework_refs": [
    {
     "domain": "ethics",
     "control": "EF-01",
     "name": "Ethics Principles Adoption and Operationalization",
     "requirement_id": "Principles 1.1–1.5",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EF-03",
     "name": "Ethical Risk Appetite Definition",
     "requirement_id": "Principle 1.4",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-04",
     "name": "Ethics Impact Assessment Framework",
     "requirement_id": "Principles 1.3, 1.4",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-05",
     "name": "EU AI Act Prohibited Practices Governance (Art. 5)",
     "requirement_id": "Principle 1.2",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-07",
     "name": "External Ethics Stakeholder Engagement",
     "requirement_id": "Principle 1.5",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EF-08",
     "name": "Ethics Foundations Evidence Package",
     "requirement_id": "Principle 1.5",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FA-01",
     "name": "Protected Characteristic Identification and Scope",
     "requirement_id": "Principle 1.2",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FA-05",
     "name": "NYC Local Law 144 and Analogous Audit Compliance",
     "requirement_id": "Principle 1.5",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FA-08",
     "name": "Fairness and Accountability Evidence Package",
     "requirement_id": "Principle 1.5",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-01",
     "name": "Explainability Method Selection and Justification",
     "requirement_id": "Principle 1.3",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-02",
     "name": "Decision-Level Explanation Requirements",
     "requirement_id": "Principle 1.3",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-04",
     "name": "Adverse Action Notice and Explanation (ECOA/Reg B, FCRA)",
     "requirement_id": "Principle 1.3",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "XP-05",
     "name": "Model Card and System Card Transparency Disclosure",
     "requirement_id": "Principle 1.3",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-06",
     "name": "Technical vs. Non-Technical Explanation Tiers",
     "requirement_id": "Principle 1.3",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-07",
     "name": "Explanation Completeness and Coverage Auditing",
     "requirement_id": "Principle 1.5",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "XP-08",
     "name": "Explainability Evidence Package",
     "requirement_id": "Principle 1.5",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-01",
     "name": "Fundamental Rights Impact Assessment Content Governance",
     "requirement_id": "Principle 1.3",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-02",
     "name": "Human Dignity and Autonomy Preservation",
     "requirement_id": "Principle 1.1",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-05",
     "name": "Remedy and Redress Mechanisms",
     "requirement_id": "Principle 1.3",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-06",
     "name": "Consent and Agency Preservation for AI Interactions",
     "requirement_id": "Principle 1.3",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-08",
     "name": "Human Interests Evidence Package",
     "requirement_id": "Principle 1.5",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-01",
     "name": "Production Fairness Monitoring Program",
     "requirement_id": "Principle 1.2",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-04",
     "name": "Feedback Loop and Reinforcement Bias Detection",
     "requirement_id": "Principle 1.2",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-08",
     "name": "Fairness Monitoring Evidence Package",
     "requirement_id": "Principle 1.5",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-01",
     "name": "Ethics Governance Structure",
     "requirement_id": "Principle 1.5",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-02",
     "name": "AI Ethics Policy Framework",
     "requirement_id": "Principle 1.3",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-03",
     "name": "Senior and Board-Level Ethics Accountability",
     "requirement_id": "Principle 1.5",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-05",
     "name": "Third-Party AI Provider Ethics Accountability",
     "requirement_id": "Principle 1.5",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EG-07",
     "name": "Ethics Program Metrics and Effectiveness Measurement",
     "requirement_id": "Principle 1.5",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "EG-08",
     "name": "EthicsAttestation Production",
     "requirement_id": "Principle 1.5",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PO-07",
     "name": "Third-Party Policy Requirements",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {
    "ethics": 30
   },
   "title": "OECD AI Principles",
   "total": 31
  },
  {
   "source_id": "dama_dmbok",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "knowledge",
     "control": "KS-03",
     "name": "Source Currency and Maximum Age Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KI-01",
     "name": "Ingestion Pipeline Authorization",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KI-06",
     "name": "Pre-Ingestion Content Quality Gates",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KI-07",
     "name": "Ingestion Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KI-08",
     "name": "Knowledge Ingestion Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KR-07",
     "name": "Retrieval Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KR-08",
     "name": "Knowledge Retrieval Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KC-01",
     "name": "Knowledge Staleness Classification Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KC-06",
     "name": "Domain-Specific Currency Requirements",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KM-01",
     "name": "Knowledge Asset Lifecycle Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KM-04",
     "name": "Knowledge Archival and Retention Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KM-08",
     "name": "Knowledge Management Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KG-01",
     "name": "Knowledge Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KG-02",
     "name": "AI Knowledge Substrate Policy Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KG-03",
     "name": "Senior Accountability for Knowledge Quality and Safety",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KG-04",
     "name": "Knowledge Risk Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KG-06",
     "name": "Knowledge Incident Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KG-07",
     "name": "Knowledge Program Metrics and Effectiveness Reporting",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KG-08",
     "name": "KnowledgeAttestation Production",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DX-02",
     "name": "Inter-System Data Transfer Authorization",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DX-08",
     "name": "Data Exchange Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DI-07",
     "name": "Data Integrity Incident Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DM-03",
     "name": "Data Retention and Disposal Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DM-08",
     "name": "Data Management Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DL-03",
     "name": "Inference-Time Data Lineage (Per-Decision Provenance)",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DL-08",
     "name": "Data Lineage Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DA-02",
     "name": "Data Minimization Implementation for AI",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DA-05",
     "name": "AI Data Access Review and Recertification",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DA-07",
     "name": "Emergency AI Data Access Procedures",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DA-08",
     "name": "Data Access Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DV-08",
     "name": "DataGovernanceAttestation Production",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "DAMA-DMBOK 2nd Ed",
   "total": 31
  },
  {
   "source_id": "ping_machine_identity_2026",
   "framework_refs": [
    {
     "domain": "identity",
     "control": "II-01",
     "name": "AI Agent Identity Registry",
     "requirement_id": "Ping Identity for AI — Agent IAM Core",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "II-03",
     "name": "Cryptographic Identity Binding",
     "requirement_id": "PingOne Credentials — Verifiable Credentials",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "NI-01",
     "name": "Identity Provisioning Gate",
     "requirement_id": "Ping Identity for AI — Agent IAM Core provisioning gate",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-05",
     "name": "Identity Deprovisioning and Revocation",
     "requirement_id": "Ping Identity for AI — Agent Gateway revocation",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "DE-01",
     "name": "Delegation Chain Documentation",
     "requirement_id": "Ping Identity for AI — Agent IAM Core delegation chain",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "DE-02",
     "name": "Scope Boundary Enforcement",
     "requirement_id": "PingFederate — Scope Reduction Enforcement",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "DE-03",
     "name": "Delegation Depth Limits",
     "requirement_id": "Ping Identity Runtime Identity — Delegation Depth Limit",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "DE-06",
     "name": "Cross-Organizational Delegation Governance",
     "requirement_id": "Ping Identity — Federated Cross Org Authorization",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IF-01",
     "name": "Identity Federation Trust Framework",
     "requirement_id": "Ping Identity Runtime Identity — Trust Framework",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IF-02",
     "name": "OIDC/OAuth Federation Configuration",
     "requirement_id": "PingFederate — OIDC Audience Validation",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IF-03",
     "name": "Cross-Organizational Agent Authentication",
     "requirement_id": "Ping Identity — Cross Organization Agent Auth",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IF-04",
     "name": "DID-Based Cryptographic Agent Identity",
     "requirement_id": "PingOne Credentials — W3C Verifiable Credentials / DID",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IF-05",
     "name": "eIDAS 2.0 Qualified Attestation for EU Operations",
     "requirement_id": "PingOne Credentials — eIDAS 2.0-aligned verifiable credentials",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IC-01",
     "name": "Identity Governance Structure",
     "requirement_id": "Ping Identity for AI — Governance Capabilities",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IC-06",
     "name": "Third-Party Identity Provider Audit",
     "requirement_id": "Ping Identity compliance certifications (SOC 2 Type II, ISO 27001)",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "identity",
     "control": "II-01",
     "name": "AI Agent Identity Registry",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "II-03",
     "name": "Cryptographic Identity Binding",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-01",
     "name": "Identity Provisioning Gate",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-05",
     "name": "Identity Deprovisioning and Revocation",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "DE-01",
     "name": "Delegation Chain Documentation",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "DE-02",
     "name": "Scope Boundary Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "DE-03",
     "name": "Delegation Depth Limits",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "DE-06",
     "name": "Cross-Organizational Delegation Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IF-01",
     "name": "Identity Federation Trust Framework",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IF-02",
     "name": "OIDC/OAuth Federation Configuration",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IF-03",
     "name": "Cross-Organizational Agent Authentication",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IF-04",
     "name": "DID-Based Cryptographic Agent Identity",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IF-05",
     "name": "eIDAS 2.0 Qualified Attestation for EU Operations",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IC-01",
     "name": "Identity Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IC-06",
     "name": "Third-Party Identity Provider Audit",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "identity": 15
   },
   "title": "Ping Identity: Identity for AI",
   "total": 30
  },
  {
   "source_id": "nist_zt",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "identity",
     "control": "II-02",
     "name": "Identity Assurance Level Assignment",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "II-03",
     "name": "Cryptographic Identity Binding",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "II-04",
     "name": "Hardware-Rooted Identity for High-Consequence Agents",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "II-07",
     "name": "Identity Metadata, Capability Manifest and Artifact Binding",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "II-08",
     "name": "Identity Registry Integrity and Tamper Evidence",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-02",
     "name": "Credential Issuance and Minimum Privilege",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-03",
     "name": "Credential Lifetime and Forced Rotation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-04",
     "name": "Just-In-Time Credential Issuance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-07",
     "name": "Credential Storage and Secrets Hygiene",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "DE-01",
     "name": "Delegation Chain Documentation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "DE-02",
     "name": "Scope Boundary Enforcement",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "DE-03",
     "name": "Delegation Depth Limits",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "DE-04",
     "name": "Task-Scoped Delegation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "DE-07",
     "name": "Delegation Audit Trail",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IF-02",
     "name": "OIDC/OAuth Federation Configuration",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IF-03",
     "name": "Cross-Organizational Agent Authentication",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IF-06",
     "name": "Token Validation and Binding",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IF-07",
     "name": "Identity Provider Resilience and Fallback",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IF-08",
     "name": "Cross-Domain Identity Audit Reconciliation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-01",
     "name": "Credential Use Baseline",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-02",
     "name": "Anomalous Credential Use Detection",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-03",
     "name": "Impossible Travel and Context Anomaly Detection",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-04",
     "name": "Privilege Escalation Attempt Detection",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-05",
     "name": "Credential Sharing Detection",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-06",
     "name": "Identity Event Log Integrity",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-07",
     "name": "Credential Exposure Scanning",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-08",
     "name": "Identity Incident Response",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IC-02",
     "name": "Identity Policy and Standards",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IC-04",
     "name": "Privileged Identity Management for AI",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "NIST SP 800-207",
   "total": 29
  },
  {
   "source_id": "microsoft_purview_data_governance_2024",
   "framework_refs": [
    {
     "domain": "data",
     "control": "DX-01",
     "name": "Data Sensitivity Classification Framework for AI",
     "requirement_id": "Information Protection — sensitivity labels",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DX-04",
     "name": "Cross-Border Data Transfer Controls",
     "requirement_id": "Microsoft 365 Advanced Data Residency",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DX-06",
     "name": "Data Exchange Audit Trail",
     "requirement_id": "Purview Audit (unified audit log)",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DX-07",
     "name": "Data Exchange Security Controls",
     "requirement_id": "Microsoft platform encryption in transit (TLS)",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DI-01",
     "name": "Data Integrity Baseline and Checksum Monitoring",
     "requirement_id": "Data Catalog — Data Lineage",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DI-06",
     "name": "Model Memorization Risk Assessment and Output Leakage Prevention",
     "requirement_id": "Microsoft Purview — Sensitive Information Types and DLP",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DI-08",
     "name": "Data Integrity Evidence Package",
     "requirement_id": "Purview Compliance Manager",
     "fit": "adjacent"
    },
    {
     "domain": "data",
     "control": "DM-01",
     "name": "AI Data Asset Inventory and Cataloging",
     "requirement_id": "Data Map",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-02",
     "name": "Data Classification and Sensitivity Tagging at Rest",
     "requirement_id": "Information Protection — sensitivity labels",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-01",
     "name": "End-to-End Data Lineage Tracking",
     "requirement_id": "Data lineage (lineage extraction)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-05",
     "name": "Data Lineage Completeness Auditing",
     "requirement_id": "Data Estate Insights",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DA-04",
     "name": "Privileged Data Access Monitoring",
     "requirement_id": "Purview Insider Risk Management",
     "fit": "adjacent"
    },
    {
     "domain": "data",
     "control": "DV-01",
     "name": "Schema Validation for AI Inputs",
     "requirement_id": "Data Quality (data type and format rules)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-05",
     "name": "Validation Exception Management",
     "requirement_id": "Data Health Management",
     "fit": "adjacent"
    }
   ],
   "source_refs": [
    {
     "domain": "data",
     "control": "DX-01",
     "name": "Data Sensitivity Classification Framework for AI",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DX-04",
     "name": "Cross-Border Data Transfer Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DX-06",
     "name": "Data Exchange Audit Trail",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DX-07",
     "name": "Data Exchange Security Controls",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DI-01",
     "name": "Data Integrity Baseline and Checksum Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DI-06",
     "name": "Model Memorization Risk Assessment and Output Leakage Prevention",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DI-08",
     "name": "Data Integrity Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DM-01",
     "name": "AI Data Asset Inventory and Cataloging",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DM-02",
     "name": "Data Classification and Sensitivity Tagging at Rest",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DL-01",
     "name": "End-to-End Data Lineage Tracking",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DL-05",
     "name": "Data Lineage Completeness Auditing",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DA-04",
     "name": "Privileged Data Access Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DV-01",
     "name": "Schema Validation for AI Inputs",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DV-05",
     "name": "Validation Exception Management",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DV-07",
     "name": "Data Validation Tooling Governance",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "data": 14
   },
   "title": "Microsoft Purview (Data Governance)",
   "total": 29
  },
  {
   "source_id": "nist_800_207",
   "framework_refs": [
    {
     "domain": "identity",
     "control": "II-02",
     "name": "Identity Assurance Level Assignment",
     "requirement_id": "§2.1 Tenet 4",
     "fit": "supporting"
    },
    {
     "domain": "identity",
     "control": "II-03",
     "name": "Cryptographic Identity Binding",
     "requirement_id": "§2.1 Tenet 6",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "II-07",
     "name": "Identity Metadata, Capability Manifest and Artifact Binding",
     "requirement_id": "§2.1 Tenet 1",
     "fit": "supporting"
    },
    {
     "domain": "identity",
     "control": "II-08",
     "name": "Identity Registry Integrity and Tamper Evidence",
     "requirement_id": "§2.1 Tenet 7",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-02",
     "name": "Credential Issuance and Minimum Privilege",
     "requirement_id": "§2.1 Tenet 4",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-03",
     "name": "Credential Lifetime and Forced Rotation",
     "requirement_id": "§2.1 Tenet 3",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-04",
     "name": "Just-In-Time Credential Issuance",
     "requirement_id": "§2.1 Tenet 3",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-07",
     "name": "Credential Storage and Secrets Hygiene",
     "requirement_id": "§2.1 Tenet 6",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "DE-01",
     "name": "Delegation Chain Documentation",
     "requirement_id": "§2.1 Tenet 4",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "DE-02",
     "name": "Scope Boundary Enforcement",
     "requirement_id": "§2.1 Tenet 6",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "DE-03",
     "name": "Delegation Depth Limits",
     "requirement_id": "§2.1 Tenet 4",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "DE-04",
     "name": "Task-Scoped Delegation",
     "requirement_id": "§2.1 Tenet 3",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "DE-07",
     "name": "Delegation Audit Trail",
     "requirement_id": "§2.1 Tenet 7",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IF-02",
     "name": "OIDC/OAuth Federation Configuration",
     "requirement_id": "§2.1 Tenet 3",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IF-03",
     "name": "Cross-Organizational Agent Authentication",
     "requirement_id": "§2.1 Tenet 6",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IF-06",
     "name": "Token Validation and Binding",
     "requirement_id": "§2.1 Tenet 3",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IF-07",
     "name": "Identity Provider Resilience and Fallback",
     "requirement_id": "§3.4.1",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IF-08",
     "name": "Cross-Domain Identity Audit Reconciliation",
     "requirement_id": "§2.1 Tenet 7",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IM-01",
     "name": "Credential Use Baseline",
     "requirement_id": "§2.1 Tenet 5",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IM-02",
     "name": "Anomalous Credential Use Detection",
     "requirement_id": "§2.1 Tenet 5",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IM-03",
     "name": "Impossible Travel and Context Anomaly Detection",
     "requirement_id": "§2.1 Tenet 5",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IM-04",
     "name": "Privilege Escalation Attempt Detection",
     "requirement_id": "§2.1 Tenet 6",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IM-05",
     "name": "Credential Sharing Detection",
     "requirement_id": "§2.1 Tenet 6",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IM-06",
     "name": "Identity Event Log Integrity",
     "requirement_id": "§2.1 Tenet 7",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IM-07",
     "name": "Credential Exposure Scanning",
     "requirement_id": "§2.1 Tenet 5",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IM-08",
     "name": "Identity Incident Response",
     "requirement_id": "§2.1 Tenet 7",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IC-02",
     "name": "Identity Policy and Standards",
     "requirement_id": "§3.3",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IC-04",
     "name": "Privileged Identity Management for AI",
     "requirement_id": "§5.7",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "identity": 28
   },
   "title": "nist_800_207",
   "total": 28
  },
  {
   "source_id": "okta_financial_services_access_2025",
   "framework_refs": [
    {
     "domain": "finance",
     "control": "FD-01",
     "name": "AI-Driven Decision Transparency and Auditability",
     "requirement_id": "Okta System Log",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FD-08",
     "name": "Financial Disclosure Evidence Package",
     "requirement_id": "Okta System Log",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-01",
     "name": "SOX 302/404 Controls over AI-Generated Financial Data",
     "requirement_id": "Okta System Log",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FC-04",
     "name": "Change Management Controls for Financial AI Systems",
     "requirement_id": "Okta Privileged Access",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FC-05",
     "name": "Access Controls for Financial AI Systems",
     "requirement_id": "Okta access management",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-07",
     "name": "Financial Data Integrity Monitoring",
     "requirement_id": "Okta System Log",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FC-08",
     "name": "Financial Controls Evidence Package",
     "requirement_id": "Okta System Log",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FP-04",
     "name": "AI Procurement and Vendor Management Policy for Finance",
     "requirement_id": "Okta Adaptive MFA",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FP-06",
     "name": "Financial AI Change Control Policy",
     "requirement_id": "Okta Privileged Access",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-07",
     "name": "AI Exception and Escalation Policy",
     "requirement_id": "Okta System Log",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FP-08",
     "name": "Financial Policy Evidence Package",
     "requirement_id": "Okta System Log",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-02",
     "name": "Senior and Named Accountability for Financial AI Decisions",
     "requirement_id": "Okta System Log",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FG-05",
     "name": "Finance AI Incident Response Integration",
     "requirement_id": "Okta System Log",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-08",
     "name": "FinanceAttestation Production",
     "requirement_id": "Okta System Log",
     "fit": "adjacent"
    }
   ],
   "source_refs": [
    {
     "domain": "finance",
     "control": "FD-01",
     "name": "AI-Driven Decision Transparency and Auditability",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FD-08",
     "name": "Financial Disclosure Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-01",
     "name": "SOX 302/404 Controls over AI-Generated Financial Data",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-04",
     "name": "Change Management Controls for Financial AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-05",
     "name": "Access Controls for Financial AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-07",
     "name": "Financial Data Integrity Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FC-08",
     "name": "Financial Controls Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-04",
     "name": "AI Procurement and Vendor Management Policy for Finance",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-06",
     "name": "Financial AI Change Control Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-07",
     "name": "AI Exception and Escalation Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FP-08",
     "name": "Financial Policy Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-02",
     "name": "Senior and Named Accountability for Financial AI Decisions",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-05",
     "name": "Finance AI Incident Response Integration",
     "relationship": "informative_reference"
    },
    {
     "domain": "finance",
     "control": "FG-08",
     "name": "FinanceAttestation Production",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "finance": 14
   },
   "title": "Okta for Financial Services",
   "total": 28
  },
  {
   "source_id": "cisa_ztmm",
   "framework_refs": [
    {
     "domain": "identity",
     "control": "II-01",
     "name": "AI Agent Identity Registry",
     "requirement_id": "Identity Pillar — Identity Stores",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "II-02",
     "name": "Identity Assurance Level Assignment",
     "requirement_id": "Identity Pillar — Authentication",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "II-04",
     "name": "Hardware-Rooted Identity for High-Consequence Agents",
     "requirement_id": "Identity Pillar — Authentication",
     "fit": "supporting"
    },
    {
     "domain": "identity",
     "control": "II-05",
     "name": "Non-Human Identity Separation from Human Identity",
     "requirement_id": "Identity Pillar — Identity Stores",
     "fit": "supporting"
    },
    {
     "domain": "identity",
     "control": "II-08",
     "name": "Identity Registry Integrity and Tamper Evidence",
     "requirement_id": "Visibility and Analytics (cross-cutting capability)",
     "fit": "supporting"
    },
    {
     "domain": "identity",
     "control": "NI-01",
     "name": "Identity Provisioning Gate",
     "requirement_id": "Identity Pillar — Identity Stores",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "NI-03",
     "name": "Credential Lifetime and Forced Rotation",
     "requirement_id": "Identity Pillar — Authentication",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-05",
     "name": "Identity Deprovisioning and Revocation",
     "requirement_id": "Identity Pillar — Identity Stores",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "NI-06",
     "name": "Ghost Identity Detection and Remediation",
     "requirement_id": "Identity Pillar — Identity Stores",
     "fit": "adjacent"
    },
    {
     "domain": "identity",
     "control": "NI-07",
     "name": "Credential Storage and Secrets Hygiene",
     "requirement_id": "Identity Pillar — Authentication",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "NI-08",
     "name": "Break-Glass Identity and Emergency Access",
     "requirement_id": "Identity Pillar — Access Management",
     "fit": "adjacent"
    },
    {
     "domain": "identity",
     "control": "DE-07",
     "name": "Delegation Audit Trail",
     "requirement_id": "Visibility and Analytics (cross-cutting capability)",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IF-01",
     "name": "Identity Federation Trust Framework",
     "requirement_id": "Identity Pillar — Identity Stores",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IF-03",
     "name": "Cross-Organizational Agent Authentication",
     "requirement_id": "Identity Pillar — Authentication",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IF-07",
     "name": "Identity Provider Resilience and Fallback",
     "requirement_id": "Identity Pillar — Access Management",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IF-08",
     "name": "Cross-Domain Identity Audit Reconciliation",
     "requirement_id": "Visibility and Analytics (cross-cutting capability)",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IM-01",
     "name": "Credential Use Baseline",
     "requirement_id": "Identity Pillar — Risk Assessments",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IM-02",
     "name": "Anomalous Credential Use Detection",
     "requirement_id": "Identity Pillar — Risk Assessments",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IM-03",
     "name": "Impossible Travel and Context Anomaly Detection",
     "requirement_id": "Identity Pillar — Risk Assessments",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IM-04",
     "name": "Privilege Escalation Attempt Detection",
     "requirement_id": "Identity Pillar — Risk Assessments",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IM-06",
     "name": "Identity Event Log Integrity",
     "requirement_id": "Visibility and Analytics (cross-cutting capability)",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IM-07",
     "name": "Credential Exposure Scanning",
     "requirement_id": "Identity Pillar — Authentication",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IM-08",
     "name": "Identity Incident Response",
     "requirement_id": "Visibility and Analytics (cross-cutting capability)",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IC-01",
     "name": "Identity Governance Structure",
     "requirement_id": "Governance (cross-cutting capability)",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IC-03",
     "name": "Identity Access Review",
     "requirement_id": "Identity Pillar — Access Management",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IC-04",
     "name": "Privileged Identity Management for AI",
     "requirement_id": "Identity Pillar — Access Management",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IC-07",
     "name": "Identity Program Metrics and KPIs",
     "requirement_id": "Visibility and Analytics (cross-cutting capability)",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "identity": 27
   },
   "title": "cisa_ztmm",
   "total": 27
  },
  {
   "source_id": "ieee_7000",
   "framework_refs": [
    {
     "domain": "ethics",
     "control": "EF-01",
     "name": "Ethics Principles Adoption and Operationalization",
     "requirement_id": "§6.2",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EF-02",
     "name": "Values-to-Design Mapping",
     "requirement_id": "§7–§9",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EF-04",
     "name": "Ethics Impact Assessment Framework",
     "requirement_id": "§10",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "EF-06",
     "name": "Ethics-by-Design Integration in Development Lifecycle",
     "requirement_id": "§5–§11",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-02",
     "name": "Algorithmic Bias Impact Assessment",
     "requirement_id": "Clause 10 (Ethical risk-based design)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-03",
     "name": "Fairness Metric Selection and Justification",
     "requirement_id": "§7.3",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-06",
     "name": "Disparate Impact Analysis",
     "requirement_id": "Clause 9 (Ethical requirements definition)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FA-07",
     "name": "Bias Remediation Governance",
     "requirement_id": "Clause 9 (Ethical requirements definition)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-01",
     "name": "Explainability Method Selection and Justification",
     "requirement_id": "Clause 11 (Transparency management)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-03",
     "name": "Explanation Fidelity and Accuracy Verification",
     "requirement_id": "Clause 11 (Transparency management)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-04",
     "name": "Adverse Action Notice and Explanation (ECOA/Reg B, FCRA)",
     "requirement_id": "Clause 7 (Concept of operations and context exploration)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-07",
     "name": "Explanation Completeness and Coverage Auditing",
     "requirement_id": "Clause 11 (Transparency management)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-08",
     "name": "Explainability Evidence Package",
     "requirement_id": "Clause 11 (Transparency management)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-01",
     "name": "Fundamental Rights Impact Assessment Content Governance",
     "requirement_id": "Clause 10 (Ethical risk-based design)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-02",
     "name": "Human Dignity and Autonomy Preservation",
     "requirement_id": "Clause 8 (Ethical values elicitation and prioritization)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-03",
     "name": "Vulnerable Population Protection",
     "requirement_id": "Clause 10 (Ethical risk-based design)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-04",
     "name": "Human Oversight and Override Mechanisms",
     "requirement_id": "Clause 7 (Concept of operations and context exploration)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-06",
     "name": "Consent and Agency Preservation for AI Interactions",
     "requirement_id": "§5.4",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-07",
     "name": "Child and Minors Safety Controls",
     "requirement_id": "Clause 10 (Ethical risk-based design)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-02",
     "name": "Disparate Outcome Threshold Governance",
     "requirement_id": "Clause 9 (Ethical requirements definition)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-03",
     "name": "Statistical Parity and Equalized Odds Monitoring",
     "requirement_id": "§7.3",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-04",
     "name": "Feedback Loop and Reinforcement Bias Detection",
     "requirement_id": "Clause 7 (Concept of operations and context exploration)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-08",
     "name": "Fairness Monitoring Evidence Package",
     "requirement_id": "Clause 10 (Ethical risk-based design)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-01",
     "name": "Ethics Governance Structure",
     "requirement_id": "§7.3",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-04",
     "name": "Ethics Training and Capability Building",
     "requirement_id": "Clause 8 (Ethical values elicitation and prioritization)",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "EG-06",
     "name": "Ethics Incident Response",
     "requirement_id": "Clause 9 (Ethical requirements definition)",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "EG-07",
     "name": "Ethics Program Metrics and Effectiveness Measurement",
     "requirement_id": "§9.3",
     "fit": "partial"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "ethics": 27
   },
   "title": "IEEE 7000:2021",
   "total": 27
  },
  {
   "source_id": "owasp_aitg",
   "framework_refs": [
    {
     "domain": "model",
     "control": "LI-01",
     "name": "Unique Model Identity and Content-Addressed Version Hash",
     "requirement_id": "AITG-INF-01",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "LI-02",
     "name": "Model Provenance Chain — Base Model, Fine-Tune, Merge, and Adapter Lineage",
     "requirement_id": "AITG-INF-01",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "LI-03",
     "name": "Supply Chain Integrity — Third-Party Model Verification and Cryptographic...",
     "requirement_id": "AITG-INF-01",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "LI-06",
     "name": "Immutable Version Control with Tested Rollback and Emergency Disable",
     "requirement_id": "AITG-MOD-02",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "TG-01",
     "name": "Training Data Quality Gates",
     "requirement_id": "AITG-DAT-03",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-02",
     "name": "Bias and Representativeness Assessment",
     "requirement_id": "AITG-DAT-03",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-03",
     "name": "Data Rights, Lawful Authority and Permitted Use",
     "requirement_id": "AITG-DAT-05",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-04",
     "name": "Data Poisoning Prevention",
     "requirement_id": "AITG-MOD-03",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-06",
     "name": "Sensitive-Data Necessity, Minimization and Controlled Use",
     "requirement_id": "AITG-DAT-05",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "TG-07",
     "name": "Third-Party Dataset Governance",
     "requirement_id": "AITG-INF-01",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "TG-08",
     "name": "Dataset Retention, Deletion and Lifecycle",
     "requirement_id": "AITG-DAT-05",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-01",
     "name": "Pre-Deployment Evaluation Gate",
     "requirement_id": "AITG-MOD-06",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-02",
     "name": "Fitness, Safety, Reliability and Policy-Conformance Evaluation",
     "requirement_id": "AITG-APP-05",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-03",
     "name": "Dangerous Capability Threshold Assessment",
     "requirement_id": "AITG-INF-04",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-04",
     "name": "Adversarial Red-Team Testing",
     "requirement_id": "AITG-MOD-01",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "EV-05",
     "name": "Fairness and Bias Evaluation",
     "requirement_id": "AITG-APP-10",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "OA-02",
     "name": "Meaningful Human Oversight for High-Stakes Decisions",
     "requirement_id": "AITG-APP-13",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "OA-04",
     "name": "Delegated Autonomy Tier Governance",
     "requirement_id": "AITG-APP-06",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "OA-08",
     "name": "Notice, Explanation Support, Human Review and Contestability",
     "requirement_id": "AITG-APP-14",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-01",
     "name": "Output Anomaly Detection",
     "requirement_id": "AITG-MOD-06",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-02",
     "name": "Concept and Data Drift Detection",
     "requirement_id": "AITG-MOD-06",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "BH-03",
     "name": "Production Performance Degradation Alerting",
     "requirement_id": "AITG-MOD-06",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-04",
     "name": "Behavioral Boundary Performance Testing",
     "requirement_id": "AITG-APP-05",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "BH-06",
     "name": "Injection-Resistance Evaluation in Production",
     "requirement_id": "AITG-APP-01",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "BH-10",
     "name": "Feedback Loop Integrity and Online Learning Governance",
     "requirement_id": "AITG-INF-05",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "CR-03",
     "name": "Scheduled Model Re-validation",
     "requirement_id": "AITG-MOD-06",
     "fit": "partial"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "model": 26
   },
   "title": "owasp_aitg",
   "total": 26
  },
  {
   "source_id": "cisa_zt",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "identity",
     "control": "II-01",
     "name": "AI Agent Identity Registry",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "II-02",
     "name": "Identity Assurance Level Assignment",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "II-04",
     "name": "Hardware-Rooted Identity for High-Consequence Agents",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "II-05",
     "name": "Non-Human Identity Separation from Human Identity",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "II-08",
     "name": "Identity Registry Integrity and Tamper Evidence",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-01",
     "name": "Identity Provisioning Gate",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-03",
     "name": "Credential Lifetime and Forced Rotation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-05",
     "name": "Identity Deprovisioning and Revocation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-06",
     "name": "Ghost Identity Detection and Remediation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-07",
     "name": "Credential Storage and Secrets Hygiene",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-08",
     "name": "Break-Glass Identity and Emergency Access",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "DE-07",
     "name": "Delegation Audit Trail",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IF-01",
     "name": "Identity Federation Trust Framework",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IF-07",
     "name": "Identity Provider Resilience and Fallback",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IF-08",
     "name": "Cross-Domain Identity Audit Reconciliation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-01",
     "name": "Credential Use Baseline",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-02",
     "name": "Anomalous Credential Use Detection",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-03",
     "name": "Impossible Travel and Context Anomaly Detection",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-04",
     "name": "Privilege Escalation Attempt Detection",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-06",
     "name": "Identity Event Log Integrity",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-07",
     "name": "Credential Exposure Scanning",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IM-08",
     "name": "Identity Incident Response",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IC-01",
     "name": "Identity Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IC-03",
     "name": "Identity Access Review",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IC-04",
     "name": "Privileged Identity Management for AI",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "IC-07",
     "name": "Identity Program Metrics and KPIs",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "CISA Zero Trust Maturity Model v2.0",
   "total": 26
  },
  {
   "source_id": "itil_4",
   "framework_refs": [
    {
     "domain": "knowledge",
     "control": "KS-02",
     "name": "Source Authority Classification",
     "requirement_id": "§5.1.4",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KS-05",
     "name": "Competing Source Conflict Resolution",
     "requirement_id": "§5.1.4",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KI-03",
     "name": "Ingestion Format Validation",
     "requirement_id": "§5.1.4",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KI-06",
     "name": "Pre-Ingestion Content Quality Gates",
     "requirement_id": "§5.1.4",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KI-08",
     "name": "Knowledge Ingestion Evidence Package",
     "requirement_id": "§5.1.2",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KR-01",
     "name": "Retrieval Relevance Quality Standards",
     "requirement_id": "§5.1.4",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KR-06",
     "name": "Retrieval Performance Monitoring",
     "requirement_id": "§5.2.7",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-01",
     "name": "Knowledge Staleness Classification Policy",
     "requirement_id": "§5.1.4 — Knowledge management",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KC-03",
     "name": "Knowledge Refresh Scheduling and Execution",
     "requirement_id": "§5.1.4 — Knowledge management",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-07",
     "name": "Emergency Knowledge Update Procedures",
     "requirement_id": "§5.2.4 — Change enablement (emergency changes)",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-01",
     "name": "Knowledge Asset Lifecycle Governance",
     "requirement_id": "§5.1.4 Knowledge Management Practice",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-06",
     "name": "Knowledge Impact Assessment Before Major Changes",
     "requirement_id": "§5.2.4 — Change Enablement",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-07",
     "name": "Knowledge Base Performance and Quality Metrics",
     "requirement_id": "§5.1.2 — Continual Improvement",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-08",
     "name": "Knowledge Management Evidence Package",
     "requirement_id": "§5.1.4 — Knowledge management",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KG-01",
     "name": "Knowledge Governance Structure",
     "requirement_id": "§5.1.4 — Knowledge management",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-06",
     "name": "Knowledge Incident Response",
     "requirement_id": "Incident Management Practice",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-07",
     "name": "Knowledge Program Metrics and Effectiveness Reporting",
     "requirement_id": "Continual Improvement Practice",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "knowledge",
     "control": "KI-06",
     "name": "Pre-Ingestion Content Quality Gates",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KI-08",
     "name": "Knowledge Ingestion Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KC-01",
     "name": "Knowledge Staleness Classification Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KC-07",
     "name": "Emergency Knowledge Update Procedures",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KM-01",
     "name": "Knowledge Asset Lifecycle Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KM-08",
     "name": "Knowledge Management Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KG-01",
     "name": "Knowledge Governance Structure",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KG-06",
     "name": "Knowledge Incident Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KG-07",
     "name": "Knowledge Program Metrics and Effectiveness Reporting",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "knowledge": 17
   },
   "title": "ITIL 4",
   "total": 26
  },
  {
   "source_id": "cobit_dss04",
   "framework_refs": [
    {
     "domain": "resilience",
     "control": "RV-01",
     "name": "AI System RTO/RPO Definition and Validation",
     "requirement_id": "DSS04.02",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-02",
     "name": "Resilience Control Verification Testing",
     "requirement_id": "DSS04.04",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-05",
     "name": "Third-Party AI Dependency Resilience Assessment",
     "requirement_id": "DSS04.03",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RV-08",
     "name": "Resilience Verification Evidence Package",
     "requirement_id": "DSS04.05",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-01",
     "name": "AI-Specific Business Continuity Plan",
     "requirement_id": "DSS04.01",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-05",
     "name": "Recovery Priority Classification for AI Systems",
     "requirement_id": "DSS04.02",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-07",
     "name": "Recovery Plan Testing and Tabletop Exercises",
     "requirement_id": "DSS04.04",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-08",
     "name": "Recovery Planning Evidence Package",
     "requirement_id": "DSS04.06",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RO-04",
     "name": "Recovery Operations Communication Protocol",
     "requirement_id": "DSS04.04",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RO-06",
     "name": "Recovery Operations Audit Trail",
     "requirement_id": "DSS04.08",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RO-07",
     "name": "Recovery Time Compliance Verification",
     "requirement_id": "DSS04.08",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-08",
     "name": "Recovery Operations Evidence Package",
     "requirement_id": "DSS04.08",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "FO-03",
     "name": "Fallback Behavior Governance",
     "requirement_id": "DSS04.05 — Review, Maintain, and Improve Continuity Plans",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "FO-08",
     "name": "Fault Tolerance Evidence Package",
     "requirement_id": "DSS04.04",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RE-04",
     "name": "Infrastructure-as-Code for Reproducible Recovery",
     "requirement_id": "DSS04.03",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RE-06",
     "name": "DORA Compliance Architecture for AI Systems",
     "requirement_id": "DSS04.02",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RE-07",
     "name": "Resilience Engineering Review in Development Lifecycle",
     "requirement_id": "DSS04.04",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RE-08",
     "name": "Resilience Engineering Evidence Package",
     "requirement_id": "DSS04.08",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-01",
     "name": "Resilience Governance Structure",
     "requirement_id": "DSS04.01",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-02",
     "name": "Resilience Policy Framework",
     "requirement_id": "DSS04.02",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RG-03",
     "name": "Senior Accountability for AI Operational Resilience",
     "requirement_id": "DSS04.01",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RG-04",
     "name": "Resilience Risk Appetite and Threshold Setting",
     "requirement_id": "DSS04.02",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-05",
     "name": "Resilience Program Resourcing",
     "requirement_id": "DSS04.01",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RG-06",
     "name": "Resilience Incident Response Integration",
     "requirement_id": "DSS04.05",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RG-07",
     "name": "Resilience Program Metrics and Board Reporting",
     "requirement_id": "DSS04.04",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "resilience": 25
   },
   "title": "COBIT DSS04",
   "total": 25
  },
  {
   "source_id": "cloudflare_resilience_2024",
   "framework_refs": [
    {
     "domain": "resilience",
     "control": "RV-05",
     "name": "Third-Party AI Dependency Resilience Assessment",
     "requirement_id": "Load balancing and failover – Multi-origin failover for AI API endpoints",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RV-06",
     "name": "Multi-Region and Multi-AZ Resilience Verification",
     "requirement_id": "Load balancing and failover – Geo-distributed AI inference endpoint resilience",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-07",
     "name": "Degraded-Mode AI Operation Testing",
     "requirement_id": "Rate limiting for API protection",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RP-06",
     "name": "Third-Party AI Provider Outage Response Plan",
     "requirement_id": "Load balancing and failover — Health-based origin routing",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RO-01",
     "name": "AI System Failover Execution Procedures",
     "requirement_id": "Load balancing and failover — Health-based steering policies and failover DNS",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-05",
     "name": "Pre-Restoration Validation Before Traffic Resumption",
     "requirement_id": "Load balancing and failover — Health checks and origin validation before traffic steering",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "FO-06",
     "name": "Load Shedding and Backpressure Mechanisms",
     "requirement_id": "Rate limiting and DDoS protection",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-01",
     "name": "High Availability Architecture for AI Systems",
     "requirement_id": "Cloudflare Resilience — Load balancing and failover, DDoS protection layers for AI inference endpoint availability",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-02",
     "name": "Stateless Agent Design and Session Recovery",
     "requirement_id": "Cloudflare Resilience — Edge resilience patterns: stateless worker design enabling transparent load balancing and failover",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RE-05",
     "name": "Dependency Isolation and Bulkhead Patterns",
     "requirement_id": "Cloudflare Resilience — Rate limiting for API protection and DDoS protection layers: per-client resource quota enforcement for AI inference endpoints",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-06",
     "name": "DORA Compliance Architecture for AI Systems",
     "requirement_id": "Cloudflare Resilience — DDoS protection and load balancing for financial services AI inference endpoints: DORA third-party ICT risk controls",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "resilience",
     "control": "RV-03",
     "name": "Chaos Engineering for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-05",
     "name": "Third-Party AI Dependency Resilience Assessment",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-06",
     "name": "Multi-Region and Multi-AZ Resilience Verification",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RV-07",
     "name": "Degraded-Mode AI Operation Testing",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RP-06",
     "name": "Third-Party AI Provider Outage Response Plan",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-01",
     "name": "AI System Failover Execution Procedures",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RO-05",
     "name": "Pre-Restoration Validation Before Traffic Resumption",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "FO-06",
     "name": "Load Shedding and Backpressure Mechanisms",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-01",
     "name": "High Availability Architecture for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-02",
     "name": "Stateless Agent Design and Session Recovery",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-05",
     "name": "Dependency Isolation and Bulkhead Patterns",
     "relationship": "informative_reference"
    },
    {
     "domain": "resilience",
     "control": "RE-06",
     "name": "DORA Compliance Architecture for AI Systems",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "resilience": 11
   },
   "title": "Cloudflare DDoS Protection",
   "total": 23
  },
  {
   "source_id": "nist_ai_600_1",
   "framework_refs": [
    {
     "domain": "model",
     "control": "TG-03",
     "name": "Data Rights, Lawful Authority and Permitted Use",
     "requirement_id": "DATA-PRIVACY",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-02",
     "name": "Fitness, Safety, Reliability and Policy-Conformance Evaluation",
     "requirement_id": "CONFABULATION",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "EV-03",
     "name": "Dangerous Capability Threshold Assessment",
     "requirement_id": "CBRN",
     "fit": "direct"
    },
    {
     "domain": "model",
     "control": "EV-04",
     "name": "Adversarial Red-Team Testing",
     "requirement_id": "INFO-SECURITY",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-05",
     "name": "Fairness and Bias Evaluation",
     "requirement_id": "HUMAN-AI-CONFIG",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-04",
     "name": "Behavioral Boundary Performance Testing",
     "requirement_id": "INFO-SECURITY",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "BH-09",
     "name": "Synthetic-Content Provenance, Disclosure and Traceability",
     "requirement_id": "INFO-INTEGRITY",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AA-05",
     "name": "Session Token Binding and Anti-Replay Controls",
     "requirement_id": "MS-2.5",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AA-07",
     "name": "Authentication Failure Monitoring and Alerting",
     "requirement_id": "MS-2.5",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AB-04",
     "name": "Output Policy Enforcement",
     "requirement_id": "2.4 — Data Privacy",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-05",
     "name": "Prompt Injection Detection and Defense",
     "requirement_id": "2.9 — Information Security",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-07",
     "name": "Behavioral Drift Monitoring",
     "requirement_id": "2.9 — Information Security",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AT-02",
     "name": "Tool Permission Scoping",
     "requirement_id": "2.9 — Information Security",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AT-03",
     "name": "Tool Input Validation and Schema Enforcement",
     "requirement_id": "2.9 — Information Security",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-04",
     "name": "Tool Output Sanitization and Integrity Verification",
     "requirement_id": "2.8 — Information Integrity",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AT-07",
     "name": "Tool Usage Audit Trail",
     "requirement_id": "2.9 — Information Security",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-03",
     "name": "Orchestration Message Integrity",
     "requirement_id": "2.9 — Information Security",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-02",
     "name": "Anomalous Action Detection",
     "requirement_id": "2.4 — Data Privacy",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AM-05",
     "name": "Multi-Agent Communication Monitoring",
     "requirement_id": "2.8 — Information Integrity",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "security",
     "control": "GV-05",
     "name": "Run an AI management system and tier agents by their autonomy",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-05",
     "name": "Fairness and Bias Evaluation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-06",
     "name": "Reproducible Evaluation Design",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {
    "model": 7,
    "agentic": 12
   },
   "title": "NIST AI 600-1",
   "total": 22
  },
  {
   "source_id": "iso_27002",
   "framework_refs": [
    {
     "domain": "knowledge",
     "control": "KS-04",
     "name": "Source Provenance Documentation",
     "requirement_id": "§5.12–5.13",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KS-06",
     "name": "Knowledge Domain Boundary Definition",
     "requirement_id": "§5.10",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KI-02",
     "name": "Knowledge Poisoning Detection and Prevention",
     "requirement_id": "§8.8",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KI-04",
     "name": "Content Sensitivity Classification at Ingestion",
     "requirement_id": "§5.12",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KI-07",
     "name": "Ingestion Audit Trail",
     "requirement_id": "§8.15",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KI-08",
     "name": "Knowledge Ingestion Evidence Package",
     "requirement_id": "§5.36",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KR-05",
     "name": "Retrieval Permission Verification",
     "requirement_id": "§5.15",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KR-07",
     "name": "Retrieval Audit Trail",
     "requirement_id": "§8.15",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-06",
     "name": "Domain-Specific Currency Requirements",
     "requirement_id": "§5.12",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KM-02",
     "name": "Knowledge Base Segmentation and Access Control",
     "requirement_id": "§5.15 — Access control",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-04",
     "name": "Knowledge Archival and Retention Policy",
     "requirement_id": "§8.10 — Information Deletion",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-02",
     "name": "AI Knowledge Substrate Policy Framework",
     "requirement_id": "§5.12 — Classification of information",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KG-05",
     "name": "External Knowledge Provider Governance",
     "requirement_id": "§5.19 — Information security in supplier relationships",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-08",
     "name": "KnowledgeAttestation Production",
     "requirement_id": "§5.36 — Compliance with policies and standards",
     "fit": "adjacent"
    }
   ],
   "source_refs": [
    {
     "domain": "knowledge",
     "control": "KI-07",
     "name": "Ingestion Audit Trail",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KI-08",
     "name": "Knowledge Ingestion Evidence Package",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KR-07",
     "name": "Retrieval Audit Trail",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KC-06",
     "name": "Domain-Specific Currency Requirements",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KM-04",
     "name": "Knowledge Archival and Retention Policy",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KG-02",
     "name": "AI Knowledge Substrate Policy Framework",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KG-08",
     "name": "KnowledgeAttestation Production",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {
    "knowledge": 14
   },
   "title": "ISO/IEC 27002:2022",
   "total": 21
  },
  {
   "source_id": "edmc_dcam",
   "framework_refs": [
    {
     "domain": "data",
     "control": "DX-02",
     "name": "Inter-System Data Transfer Authorization",
     "requirement_id": "Data Control Environment (Component 7)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DX-03",
     "name": "API Contract Governance for AI Data Exchange",
     "requirement_id": "Capability 3.3",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-03",
     "name": "Cross-System Data Consistency Validation",
     "requirement_id": "Capability 5.3",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-07",
     "name": "Data Integrity Incident Response",
     "requirement_id": "Capability 5.3",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-08",
     "name": "Data Integrity Evidence Package",
     "requirement_id": "Data Control Environment (Component 7)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-01",
     "name": "AI Data Asset Inventory and Cataloging",
     "requirement_id": "Capability 3.3",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-04",
     "name": "Master Data Management for AI Systems",
     "requirement_id": "Capability 5.2",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-05",
     "name": "Data Quality Standards and Target Setting",
     "requirement_id": "Capability 5.1",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DM-06",
     "name": "Data Schema Governance and Breaking Change Control",
     "requirement_id": "Capability 3.3",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-08",
     "name": "Data Management Evidence Package",
     "requirement_id": "Capability 2.1",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-01",
     "name": "End-to-End Data Lineage Tracking",
     "requirement_id": "Business & Data Architecture (Component 3)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-02",
     "name": "Training Data Lineage Documentation",
     "requirement_id": "Capability 5.1",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-05",
     "name": "Data Lineage Completeness Auditing",
     "requirement_id": "Capability 5.1",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DL-07",
     "name": "Data Lineage Tooling Governance",
     "requirement_id": "Capability 6.1",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DL-08",
     "name": "Data Lineage Evidence Package",
     "requirement_id": "Capability 5.2",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-02",
     "name": "Data Quality Gate Enforcement",
     "requirement_id": "Capability 5.1",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-03",
     "name": "Statistical Distribution Validation",
     "requirement_id": "Capability 5.2",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-05",
     "name": "Validation Exception Management",
     "requirement_id": "Capability 5.3",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-06",
     "name": "Validation Pipeline Monitoring",
     "requirement_id": "Capability 5.2",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-07",
     "name": "Data Validation Tooling Governance",
     "requirement_id": "Capability 5.1",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-08",
     "name": "DataGovernanceAttestation Production",
     "requirement_id": "Capability 6.1",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "data": 21
   },
   "title": "edmc_dcam",
   "total": 21
  },
  {
   "source_id": "ms_ifc_agents",
   "framework_refs": [
    {
     "domain": "security",
     "control": "EC-07",
     "name": "Trust-rank retrieved content before it enters the agent's context",
     "requirement_id": "Integrity label (trusted/untrusted) on retrieved content; Dual LLM pattern / Quarantined LLM to process untrusted data",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "requirement_id": "Integrating IFC into agentic orchestrators and tools — Communicating policies; Extending existing MCP servers (policies advertised in MCP Tool _meta; Fides Gate",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "PT-04",
     "name": "Validate tool input/output, treat tool results as untrusted",
     "requirement_id": "Integrity label (trusted/untrusted) on ingested and tool-returned data; Propagate labels through the agent loop",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "GV-04",
     "name": "Enforce policy as code at run time, in the request path",
     "requirement_id": "Information-flow control — Check before acting: a policy engine inspects labels before each tool call (Communicating policies; OPA Rego policy language)",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "RT-02",
     "name": "Detect direct and indirect prompt injection at every input and output",
     "requirement_id": "Information-flow control as a deterministic defense against content smuggled in through prompt injection (Integrity label: trusted/untrusted)",
     "fit": "partial"
    },
    {
     "domain": "security",
     "control": "RT-05",
     "name": "Apply data-loss prevention to agent egress and interactions",
     "requirement_id": "Confidentiality label (public/confidential/read-access list); Check before acting prevents leaking confidential data on egress",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AB-02",
     "name": "Tool-Call Authorization Policy",
     "requirement_id": "Check before acting — policy engine inspects labels before each tool call to allow, block, or request human review (Communicating policies)",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AB-05",
     "name": "Prompt Injection Detection and Defense",
     "requirement_id": "Information-flow control as deterministic defense against prompt injection; Dual LLM pattern / Quarantined LLM",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-04",
     "name": "Human-in-the-Loop Gates for High-Consequence Orchestrations",
     "requirement_id": "Check before acting — policy engine may block an action or ask a human to review it",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DX-01",
     "name": "Data Sensitivity Classification Framework for AI",
     "requirement_id": "Confidentiality label (public/confidential/read-access list) — Label data by sensitivity (Communicating labels)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-03",
     "name": "Inference-Time Data Lineage (Per-Decision Provenance)",
     "requirement_id": "Propagate labels — labels travel with derivative results as data flows through the agent loop (Communicating labels)",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DA-01",
     "name": "AI Data Access Authorization Framework",
     "requirement_id": "Confidentiality label read-access list ({Alice, Bob, Charlie}); Check before acting enforces reader authorization",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "security",
     "control": "EC-07",
     "name": "Trust-rank retrieved content before it enters the agent's context",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "PT-04",
     "name": "Validate tool input/output, treat tool results as untrusted",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "GV-04",
     "name": "Enforce policy as code at run time, in the request path",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "RT-05",
     "name": "Apply data-loss prevention to agent egress and interactions",
     "relationship": "informative_reference"
    },
    {
     "domain": "agentic",
     "control": "AB-02",
     "name": "Tool-Call Authorization Policy",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DX-01",
     "name": "Data Sensitivity Classification Framework for AI",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DL-03",
     "name": "Inference-Time Data Lineage (Per-Decision Provenance)",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "security": 6,
    "agentic": 3,
    "data": 3
   },
   "title": "Information-flow control: Moving toward secure, autonomous agents",
   "total": 20
  },
  {
   "source_id": "ccpa",
   "framework_refs": [
    {
     "domain": "privacy",
     "control": "DC-02",
     "name": "Special Category Data Classification",
     "requirement_id": "§1798.121",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DC-03",
     "name": "Consent Registry",
     "requirement_id": "§1798.135",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DC-05",
     "name": "Consent Withdrawal Processing",
     "requirement_id": "§1798.120",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DC-07",
     "name": "Children's Data Controls",
     "requirement_id": "§1798.120 (minors)",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DG-02",
     "name": "Data Processor Agreements",
     "requirement_id": "§1798.140(ag)",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DG-06",
     "name": "Data Breach Response",
     "requirement_id": "§1798.150 (private right of action)",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DG-07",
     "name": "Data Retention and Deletion Schedule",
     "requirement_id": "§1798.100(a)(3)",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DS-01",
     "name": "Rights Request Reception",
     "requirement_id": "§1798.135",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DS-02",
     "name": "Identity Verification for Rights Requests",
     "requirement_id": "§1798.130(a) / §1798.140(ak)",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DS-03",
     "name": "Access Request Fulfillment",
     "requirement_id": "§1798.110",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DS-04",
     "name": "Erasure and Anonymization",
     "requirement_id": "§1798.105",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DS-05",
     "name": "Automated Decision Explanation Rights",
     "requirement_id": "ADMT §1798.185",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DS-06",
     "name": "Portability and Interoperability",
     "requirement_id": "§1798.130(a)(3)(B)(iii)",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DS-07",
     "name": "Objection and Restriction Processing",
     "requirement_id": "§1798.120",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PM-01",
     "name": "Privacy Incident Detection",
     "requirement_id": "§1798.150 (private right of action)",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PM-06",
     "name": "Privacy Breach Notification Management",
     "requirement_id": "§1798.150 (private right of action)",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PC-01",
     "name": "Regulatory Obligation Mapping",
     "requirement_id": "§1798.140",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PC-03",
     "name": "Jurisdiction-Specific Compliance Package",
     "requirement_id": "§1798.135",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "model",
     "control": "TG-03",
     "name": "Data Rights, Lawful Authority and Permitted Use",
     "relationship": "normative_requirement"
    },
    {
     "domain": "model",
     "control": "TG-08",
     "name": "Dataset Retention, Deletion and Lifecycle",
     "relationship": "normative_requirement"
    }
   ],
   "by_domain": {
    "privacy": 18
   },
   "title": "CCPA/CPRA",
   "total": 20
  },
  {
   "source_id": "aws_bedrock_knowledge_bases_2024",
   "framework_refs": [
    {
     "domain": "knowledge",
     "control": "KS-01",
     "name": "Knowledge Source Authorization Register",
     "requirement_id": "Knowledge Base data source configuration",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KS-08",
     "name": "Knowledge Sources Evidence Package",
     "requirement_id": "Knowledge Bases audit logging and compliance",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KI-02",
     "name": "Knowledge Poisoning Detection and Prevention",
     "requirement_id": "Guardrails — content filters and contextual grounding check",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KR-01",
     "name": "Retrieval Relevance Quality Standards",
     "requirement_id": "Knowledge Bases — Retrieve API relevance scores",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KR-02",
     "name": "Grounding Completeness Requirements",
     "requirement_id": "Guardrails — contextual grounding check",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KR-04",
     "name": "Retrieval Hallucination Detection",
     "requirement_id": "Guardrails — contextual grounding check",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KC-02",
     "name": "Automated Staleness Detection",
     "requirement_id": "Knowledge Bases — data source sync and ingestion job status",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KM-02",
     "name": "Knowledge Base Segmentation and Access Control",
     "requirement_id": "Knowledge Base Data Source Permissions",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-07",
     "name": "Knowledge Base Performance and Quality Metrics",
     "requirement_id": "Knowledge Base Metrics and Evaluation",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KG-05",
     "name": "External Knowledge Provider Governance",
     "requirement_id": "Knowledge Base Data Source Configuration",
     "fit": "adjacent"
    }
   ],
   "source_refs": [
    {
     "domain": "knowledge",
     "control": "KS-01",
     "name": "Knowledge Source Authorization Register",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KS-08",
     "name": "Knowledge Sources Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KI-02",
     "name": "Knowledge Poisoning Detection and Prevention",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KR-01",
     "name": "Retrieval Relevance Quality Standards",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KR-02",
     "name": "Grounding Completeness Requirements",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KR-04",
     "name": "Retrieval Hallucination Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KC-02",
     "name": "Automated Staleness Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KM-02",
     "name": "Knowledge Base Segmentation and Access Control",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KM-07",
     "name": "Knowledge Base Performance and Quality Metrics",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KG-05",
     "name": "External Knowledge Provider Governance",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "knowledge": 10
   },
   "title": "Amazon Bedrock Knowledge Bases",
   "total": 20
  },
  {
   "source_id": "bcbs_239",
   "framework_refs": [
    {
     "domain": "finance",
     "control": "MR-01",
     "name": "SR 26-2 Model Inventory and Risk Tiering",
     "requirement_id": "Principle 2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-03",
     "name": "Pre-Deployment Model Risk Assessment",
     "requirement_id": "Principle 7",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-05",
     "name": "Ongoing Model Risk Monitoring",
     "requirement_id": "Principle 8",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-08",
     "name": "Model Risk Evidence Package",
     "requirement_id": "Principle 11",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MV-02",
     "name": "Conceptual Soundness Assessment",
     "requirement_id": "Principle 3",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-03",
     "name": "Outcome Analysis and Backtesting",
     "requirement_id": "Principle 8",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-04",
     "name": "Benchmarking and Challenger Models",
     "requirement_id": "Principle 7",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-05",
     "name": "Validation Frequency and Trigger-Based Review",
     "requirement_id": "Principle 9",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MV-06",
     "name": "Validation Scope for AI/ML and LLM Models",
     "requirement_id": "Principle 7",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-08",
     "name": "Model Validation Evidence Package",
     "requirement_id": "Principle 11",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-01",
     "name": "AI-Driven Decision Transparency and Auditability",
     "requirement_id": "Principle 2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-04",
     "name": "Model Output Disclosure to Financial Regulators",
     "requirement_id": "Principle 9",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-07",
     "name": "Model Transparency Dashboard for Senior Management",
     "requirement_id": "Principle 9",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-02",
     "name": "AI-Generated Output Materiality Assessment",
     "requirement_id": "Principle 2",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FC-03",
     "name": "Reconciliation Controls for AI-Influenced Financial Outputs",
     "requirement_id": "Principle 3",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-07",
     "name": "Financial Data Integrity Monitoring",
     "requirement_id": "Principles 2-4",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FP-05",
     "name": "Data Governance Policy for Financial AI",
     "requirement_id": "Principles 2 & 3",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-05",
     "name": "Finance AI Incident Response Integration",
     "requirement_id": "Principle 10",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FG-06",
     "name": "Financial AI Program Metrics and Board Reporting",
     "requirement_id": "Principle 8",
     "fit": "partial"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "finance": 19
   },
   "title": "BCBS 239",
   "total": 19
  },
  {
   "source_id": "ccpa_cpra_2023",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "privacy",
     "control": "DC-02",
     "name": "Special Category Data Classification",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DC-03",
     "name": "Consent Registry",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DC-05",
     "name": "Consent Withdrawal Processing",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DC-07",
     "name": "Children's Data Controls",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DG-02",
     "name": "Data Processor Agreements",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DG-06",
     "name": "Data Breach Response",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DG-07",
     "name": "Data Retention and Deletion Schedule",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DS-01",
     "name": "Rights Request Reception",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DS-02",
     "name": "Identity Verification for Rights Requests",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DS-03",
     "name": "Access Request Fulfillment",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DS-04",
     "name": "Erasure and Anonymization",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DS-05",
     "name": "Automated Decision Explanation Rights",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DS-06",
     "name": "Portability and Interoperability",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DS-07",
     "name": "Objection and Restriction Processing",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PM-01",
     "name": "Privacy Incident Detection",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PM-06",
     "name": "Privacy Breach Notification Management",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PC-01",
     "name": "Regulatory Obligation Mapping",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PC-03",
     "name": "Jurisdiction-Specific Compliance Package",
     "relationship": "normative_requirement"
    }
   ],
   "by_domain": {},
   "title": "California Consumer Privacy Act (CPRA) + CPPA ADMT Regulations",
   "total": 18
  },
  {
   "source_id": "google_vertex_ai_rag_2024",
   "framework_refs": [
    {
     "domain": "knowledge",
     "control": "KS-02",
     "name": "Source Authority Classification",
     "requirement_id": "RAG grounding quality configuration",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KS-07",
     "name": "Source Attribution and Citation Disclosure Requirements",
     "requirement_id": "Grounding citations and source attribution",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KI-05",
     "name": "Copyright and License Compliance at Ingestion",
     "requirement_id": "Grounding — Data Source Configuration",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KR-01",
     "name": "Retrieval Relevance Quality Standards",
     "requirement_id": "Grounded generation — grounding support scores",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KR-02",
     "name": "Grounding Completeness Requirements",
     "requirement_id": "Grounded generation — grounding supports and citations",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KR-04",
     "name": "Retrieval Hallucination Detection",
     "requirement_id": "Check Grounding API",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KR-06",
     "name": "Retrieval Performance Monitoring",
     "requirement_id": "Vertex AI RAG Engine — retrieval telemetry and evaluation",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KC-02",
     "name": "Automated Staleness Detection",
     "requirement_id": "Vertex AI RAG — metadata filters at query time",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KM-05",
     "name": "Knowledge-to-Output Lineage Tracking",
     "requirement_id": "Grounding and Citation APIs",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "knowledge",
     "control": "KS-02",
     "name": "Source Authority Classification",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KS-07",
     "name": "Source Attribution and Citation Disclosure Requirements",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KI-05",
     "name": "Copyright and License Compliance at Ingestion",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KR-01",
     "name": "Retrieval Relevance Quality Standards",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KR-02",
     "name": "Grounding Completeness Requirements",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KR-04",
     "name": "Retrieval Hallucination Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KR-06",
     "name": "Retrieval Performance Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KC-02",
     "name": "Automated Staleness Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KM-05",
     "name": "Knowledge-to-Output Lineage Tracking",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "knowledge": 9
   },
   "title": "Google Vertex AI RAG & Grounding",
   "total": 18
  },
  {
   "source_id": "openid",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "IA-03",
     "name": "Act on the user's behalf with explicit approval for sensitive steps",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "IA-06",
     "name": "Bind a signed, end-to-end provenance chain to every agent action",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "II-03",
     "name": "Cryptographic Identity Binding",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "II-07",
     "name": "Identity Metadata, Capability Manifest and Artifact Binding",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-02",
     "name": "Credential Issuance and Minimum Privilege",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-04",
     "name": "Just-In-Time Credential Issuance",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "DE-01",
     "name": "Delegation Chain Documentation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "DE-02",
     "name": "Scope Boundary Enforcement",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "DE-03",
     "name": "Delegation Depth Limits",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "DE-04",
     "name": "Task-Scoped Delegation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "DE-05",
     "name": "User Consent for Delegated AI Action",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "DE-08",
     "name": "Delegation Revocation Propagation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IF-02",
     "name": "OIDC/OAuth Federation Configuration",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IF-03",
     "name": "Cross-Organizational Agent Authentication",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IF-06",
     "name": "Token Validation and Binding",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IC-08",
     "name": "Identity Attestation Production",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "OpenID Connect + OAuth 2.0 + RFC 9396",
   "total": 17
  },
  {
   "source_id": "google_dataplex_bigquery_2024",
   "framework_refs": [
    {
     "domain": "data",
     "control": "DX-03",
     "name": "API Contract Governance for AI Data Exchange",
     "requirement_id": "Dataplex Universal Catalog (Data Catalog successor)",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DI-02",
     "name": "Tamper Detection for AI Inference Inputs",
     "requirement_id": "Dataplex Auto Data Quality (scheduled/batch scans)",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DI-05",
     "name": "Database and Storage Integrity Monitoring",
     "requirement_id": "Cloud Storage — Object Integrity and Retention Lock",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DM-05",
     "name": "Data Quality Standards and Target Setting",
     "requirement_id": "Auto Data Quality",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DM-06",
     "name": "Data Schema Governance and Breaking Change Control",
     "requirement_id": "BigQuery schema management",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DL-04",
     "name": "Transformation and Enrichment Lineage",
     "requirement_id": "Data Lineage API",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-02",
     "name": "Data Quality Gate Enforcement",
     "requirement_id": "Dataplex Data Quality — Quality Rules",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DV-03",
     "name": "Statistical Distribution Validation",
     "requirement_id": "Dataplex Data Profile Scans",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "data",
     "control": "DX-03",
     "name": "API Contract Governance for AI Data Exchange",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DI-02",
     "name": "Tamper Detection for AI Inference Inputs",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DI-05",
     "name": "Database and Storage Integrity Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DM-05",
     "name": "Data Quality Standards and Target Setting",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DM-06",
     "name": "Data Schema Governance and Breaking Change Control",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DL-04",
     "name": "Transformation and Enrichment Lineage",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DV-02",
     "name": "Data Quality Gate Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DV-03",
     "name": "Statistical Distribution Validation",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "data": 8
   },
   "title": "Google Cloud Dataplex & BigQuery",
   "total": 16
  },
  {
   "source_id": "nist_800_160v2",
   "framework_refs": [
    {
     "domain": "resilience",
     "control": "RV-03",
     "name": "Chaos Engineering for AI Systems",
     "requirement_id": "§2.1.3",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RV-07",
     "name": "Degraded-Mode AI Operation Testing",
     "requirement_id": "§2.1.2",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-05",
     "name": "Recovery Priority Classification for AI Systems",
     "requirement_id": "Appendix D — Focus on common critical assets",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RO-02",
     "name": "Model Rollback Execution and Validation",
     "requirement_id": "§2.1.3",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "FO-01",
     "name": "Graceful Degradation Design Patterns",
     "requirement_id": "§2.1.1",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "FO-02",
     "name": "Circuit Breaker Implementation for AI Integrations",
     "requirement_id": "§2.1.3",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "FO-04",
     "name": "Input Validation and Malformed Request Handling",
     "requirement_id": "§2.1.3",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "FO-05",
     "name": "Cascade Failure Prevention in Multi-Agent Pipelines",
     "requirement_id": "§2.1.3",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "FO-07",
     "name": "Fault Tolerance Test Coverage",
     "requirement_id": "§3.2",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-01",
     "name": "High Availability Architecture for AI Systems",
     "requirement_id": "§2.1.3",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-02",
     "name": "Stateless Agent Design and Session Recovery",
     "requirement_id": "§2.1.3",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-04",
     "name": "Infrastructure-as-Code for Reproducible Recovery",
     "requirement_id": "§2.1.3",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-05",
     "name": "Dependency Isolation and Bulkhead Patterns",
     "requirement_id": "§2.1.3",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RE-07",
     "name": "Resilience Engineering Review in Development Lifecycle",
     "requirement_id": "§2.2",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RG-08",
     "name": "ResilienceAttestation Production",
     "requirement_id": "§3.2",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "resilience": 15
   },
   "title": "nist_800_160v2",
   "total": 15
  },
  {
   "source_id": "scim",
   "framework_refs": [
    {
     "domain": "identity",
     "control": "II-01",
     "name": "AI Agent Identity Registry",
     "requirement_id": "RFC 7644 §3.3",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "II-06",
     "name": "Accountable Owner Binding",
     "requirement_id": "RFC 7643 §4.3",
     "fit": "supporting"
    },
    {
     "domain": "identity",
     "control": "NI-01",
     "name": "Identity Provisioning Gate",
     "requirement_id": "RFC7644 §3.3",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-05",
     "name": "Identity Deprovisioning and Revocation",
     "requirement_id": "RFC7644 §3.6",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-06",
     "name": "Ghost Identity Detection and Remediation",
     "requirement_id": "RFC 7644 §3.4.2",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "DE-08",
     "name": "Delegation Revocation Propagation",
     "requirement_id": "RFC7644 §3.6",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IC-03",
     "name": "Identity Access Review",
     "requirement_id": "RFC 7644 §3.4",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "identity",
     "control": "II-01",
     "name": "AI Agent Identity Registry",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "II-06",
     "name": "Accountable Owner Binding",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-01",
     "name": "Identity Provisioning Gate",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-05",
     "name": "Identity Deprovisioning and Revocation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-06",
     "name": "Ghost Identity Detection and Remediation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "DE-08",
     "name": "Delegation Revocation Propagation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IC-03",
     "name": "Identity Access Review",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {
    "identity": 7
   },
   "title": "SCIM 2.0",
   "total": 14
  },
  {
   "source_id": "acm_ethics",
   "framework_refs": [
    {
     "domain": "ethics",
     "control": "EF-03",
     "name": "Ethical Risk Appetite Definition",
     "requirement_id": "§1.2, §2.5",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "EF-05",
     "name": "EU AI Act Prohibited Practices Governance (Art. 5)",
     "requirement_id": "§1.1, §1.2, §2.5",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "EF-08",
     "name": "Ethics Foundations Evidence Package",
     "requirement_id": "§2.3, §3.7",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "FA-03",
     "name": "Fairness Metric Selection and Justification",
     "requirement_id": "§1.4",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FA-04",
     "name": "Independent Bias Testing Methodology",
     "requirement_id": "§2.5",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-03",
     "name": "Explanation Fidelity and Accuracy Verification",
     "requirement_id": "§2.5",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-07",
     "name": "Explanation Completeness and Coverage Auditing",
     "requirement_id": "§3.7",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-08",
     "name": "Explainability Evidence Package",
     "requirement_id": "§3.7",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "HI-02",
     "name": "Human Dignity and Autonomy Preservation",
     "requirement_id": "§1.1",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-05",
     "name": "Fairness Incident Response Program",
     "requirement_id": "§1.2",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-07",
     "name": "Fairness Monitoring Audit Trail",
     "requirement_id": "§2.5",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "FM-08",
     "name": "Fairness Monitoring Evidence Package",
     "requirement_id": "§2.5",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "EG-02",
     "name": "AI Ethics Policy Framework",
     "requirement_id": "§1.1–1.4",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-06",
     "name": "Ethics Incident Response",
     "requirement_id": "§1.2",
     "fit": "adjacent"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "ethics": 14
   },
   "title": "ACM Code of Ethics 2018",
   "total": 14
  },
  {
   "source_id": "eu_charter",
   "framework_refs": [
    {
     "domain": "ethics",
     "control": "EF-05",
     "name": "EU AI Act Prohibited Practices Governance (Art. 5)",
     "requirement_id": "Art. 1, 3, 8, 21",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-01",
     "name": "Protected Characteristic Identification and Scope",
     "requirement_id": "Art. 21",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FA-06",
     "name": "Disparate Impact Analysis",
     "requirement_id": "Art. 21",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-02",
     "name": "Decision-Level Explanation Requirements",
     "requirement_id": "Art. 8, Art. 47",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-06",
     "name": "Technical vs. Non-Technical Explanation Tiers",
     "requirement_id": "Art. 47",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-01",
     "name": "Fundamental Rights Impact Assessment Content Governance",
     "requirement_id": "Art. 1, 8, 21, 47",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-02",
     "name": "Human Dignity and Autonomy Preservation",
     "requirement_id": "Art. 1",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-03",
     "name": "Vulnerable Population Protection",
     "requirement_id": "Art. 26",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-05",
     "name": "Remedy and Redress Mechanisms",
     "requirement_id": "Art. 47",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-06",
     "name": "Consent and Agency Preservation for AI Interactions",
     "requirement_id": "Art. 8",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-07",
     "name": "Child and Minors Safety Controls",
     "requirement_id": "Art. 24",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-08",
     "name": "Human Interests Evidence Package",
     "requirement_id": "Art. 1, 8, 21, 47",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "FM-02",
     "name": "Disparate Outcome Threshold Governance",
     "requirement_id": "Art. 21",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-05",
     "name": "Fairness Incident Response Program",
     "requirement_id": "Art. 21",
     "fit": "partial"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "ethics": 14
   },
   "title": "EU Charter of Fundamental Rights",
   "total": 14
  },
  {
   "source_id": "pcaob_as_2201",
   "framework_refs": [
    {
     "domain": "finance",
     "control": "MR-03",
     "name": "Pre-Deployment Model Risk Assessment",
     "requirement_id": "¶.39",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MR-08",
     "name": "Model Risk Evidence Package",
     "requirement_id": "¶.46",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "MV-01",
     "name": "Independent Validation Function Charter",
     "requirement_id": "¶.24-.28",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "MV-07",
     "name": "Validation Finding Escalation and Remediation",
     "requirement_id": "¶.62-.70",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MV-08",
     "name": "Model Validation Evidence Package",
     "requirement_id": "¶.46",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FD-08",
     "name": "Financial Disclosure Evidence Package",
     "requirement_id": "¶.46",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-01",
     "name": "SOX 302/404 Controls over AI-Generated Financial Data",
     "requirement_id": "¶.14-.18",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-02",
     "name": "AI-Generated Output Materiality Assessment",
     "requirement_id": "¶.20",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FC-03",
     "name": "Reconciliation Controls for AI-Influenced Financial Outputs",
     "requirement_id": "¶.39-.40",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FC-08",
     "name": "Financial Controls Evidence Package",
     "requirement_id": "¶.72-.76",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FP-08",
     "name": "Financial Policy Evidence Package",
     "requirement_id": "¶.39-.42",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-02",
     "name": "Senior and Named Accountability for Financial AI Decisions",
     "requirement_id": "¶.24-.28",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-07",
     "name": "Annual AI Governance Review",
     "requirement_id": "¶.24-.28",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-08",
     "name": "FinanceAttestation Production",
     "requirement_id": "¶.68-.76",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "finance": 14
   },
   "title": "PCAOB AS 2201",
   "total": 14
  },
  {
   "source_id": "w3c_prov_dm",
   "framework_refs": [
    {
     "domain": "knowledge",
     "control": "KS-04",
     "name": "Source Provenance Documentation",
     "requirement_id": "PROV-DM §2",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KS-07",
     "name": "Source Attribution and Citation Disclosure Requirements",
     "requirement_id": "PROV-DM §5.3.2",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KI-03",
     "name": "Ingestion Format Validation",
     "requirement_id": "PROV-DM §5",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KI-07",
     "name": "Ingestion Audit Trail",
     "requirement_id": "PROV-DM §5",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KI-08",
     "name": "Knowledge Ingestion Evidence Package",
     "requirement_id": "PROV-DM §5.4",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KR-03",
     "name": "Citation Fidelity and Accuracy Enforcement",
     "requirement_id": "PROV-DM §5.3.2",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KR-07",
     "name": "Retrieval Audit Trail",
     "requirement_id": "PROV-DM §5.1.4",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KR-08",
     "name": "Knowledge Retrieval Evidence Package",
     "requirement_id": "PROV-DM §5.4",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-04",
     "name": "Knowledge Version Control and Change History",
     "requirement_id": "PROV-DM §5.2.2",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-08",
     "name": "Knowledge Currency Evidence Package",
     "requirement_id": "PROV-DM §5.4 — Bundles",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KM-03",
     "name": "Knowledge Versioning and Change History",
     "requirement_id": "PROV-DM §2 — Entity and Revision",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KM-05",
     "name": "Knowledge-to-Output Lineage Tracking",
     "requirement_id": "PROV-DM §5.2 — Derivations",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KG-04",
     "name": "Knowledge Risk Assessment",
     "requirement_id": "PROV-DM §2 — Data Model",
     "fit": "partial"
    },
    {
     "domain": "knowledge",
     "control": "KG-08",
     "name": "KnowledgeAttestation Production",
     "requirement_id": "PROV-DM §5.4 — Bundles",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "knowledge": 14
   },
   "title": "w3c_prov_dm",
   "total": 14
  },
  {
   "source_id": "anthropic_transparency",
   "framework_refs": [
    {
     "domain": "knowledge",
     "control": "KS-05",
     "name": "Competing Source Conflict Resolution",
     "requirement_id": "Model card — known limitations disclosure",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KS-07",
     "name": "Source Attribution and Citation Disclosure Requirements",
     "requirement_id": "Model card — knowledge cutoff disclosure",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KI-05",
     "name": "Copyright and License Compliance at Ingestion",
     "requirement_id": "Model card — training data description",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KR-02",
     "name": "Grounding Completeness Requirements",
     "requirement_id": "Model card — factual-accuracy evaluations and limitations",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KR-03",
     "name": "Citation Fidelity and Accuracy Enforcement",
     "requirement_id": "Model card — known limitations and citation-accuracy risks",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KR-04",
     "name": "Retrieval Hallucination Detection",
     "requirement_id": "Model card — hallucination and factuality evaluations",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KC-05",
     "name": "Knowledge Cutoff Date Disclosure to Users",
     "requirement_id": "Model Card — Training Data Cutoff",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "knowledge",
     "control": "KS-05",
     "name": "Competing Source Conflict Resolution",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KS-07",
     "name": "Source Attribution and Citation Disclosure Requirements",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KI-05",
     "name": "Copyright and License Compliance at Ingestion",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KR-02",
     "name": "Grounding Completeness Requirements",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KR-03",
     "name": "Citation Fidelity and Accuracy Enforcement",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KR-04",
     "name": "Retrieval Hallucination Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KC-05",
     "name": "Knowledge Cutoff Date Disclosure to Users",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "knowledge": 7
   },
   "title": "Anthropic Model Card & Knowledge Transparency",
   "total": 14
  },
  {
   "source_id": "iso_8000",
   "framework_refs": [
    {
     "domain": "data",
     "control": "DI-01",
     "name": "Data Integrity Baseline and Checksum Monitoring",
     "requirement_id": "ISO 8000-61",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-03",
     "name": "Cross-System Data Consistency Validation",
     "requirement_id": "ISO 8000-110",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DI-05",
     "name": "Database and Storage Integrity Monitoring",
     "requirement_id": "ISO 8000-61",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DI-08",
     "name": "Data Integrity Evidence Package",
     "requirement_id": "ISO 8000-61",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DM-04",
     "name": "Master Data Management for AI Systems",
     "requirement_id": "ISO 8000-110",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DM-05",
     "name": "Data Quality Standards and Target Setting",
     "requirement_id": "ISO 8000-8",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DM-07",
     "name": "Synthetic Data Governance",
     "requirement_id": "ISO 8000-8",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DM-08",
     "name": "Data Management Evidence Package",
     "requirement_id": "ISO 8000-61",
     "fit": "adjacent"
    },
    {
     "domain": "data",
     "control": "DL-04",
     "name": "Transformation and Enrichment Lineage",
     "requirement_id": "ISO 8000-120",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-01",
     "name": "Schema Validation for AI Inputs",
     "requirement_id": "ISO 8000-8",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-02",
     "name": "Data Quality Gate Enforcement",
     "requirement_id": "ISO 8000-8",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DV-08",
     "name": "DataGovernanceAttestation Production",
     "requirement_id": "ISO 8000-61",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "data",
     "control": "DM-08",
     "name": "Data Management Evidence Package",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "data",
     "control": "DV-08",
     "name": "DataGovernanceAttestation Production",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {
    "data": 12
   },
   "title": "ISO 8000 Data Quality",
   "total": 14
  },
  {
   "source_id": "iso_27001",
   "framework_refs": [
    {
     "domain": "security",
     "control": "EC-12",
     "name": "AI Serving-Stack Vulnerability Management",
     "requirement_id": "A.8.8",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "OB-05",
     "name": "DORA ICT Obligation Tracking",
     "requirement_id": "A.5.31",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "RF-03",
     "name": "EU AI Act Technical Documentation Package (Art. 11)",
     "requirement_id": "A.5.9",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "RF-05",
     "name": "FedRAMP Authorization Support for AI Systems",
     "requirement_id": "A.5.31",
     "fit": "adjacent"
    },
    {
     "domain": "compliance",
     "control": "RF-06",
     "name": "SOC 2 AI-Specific Evidence Production",
     "requirement_id": "A.5.23",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "RF-07",
     "name": "ISO 42001 Certification Pathway",
     "requirement_id": "§4–10",
     "fit": "direct"
    },
    {
     "domain": "compliance",
     "control": "AU-02",
     "name": "Evidence Collection, Curation, and Validation",
     "requirement_id": "A.5.33",
     "fit": "partial"
    },
    {
     "domain": "compliance",
     "control": "AU-04",
     "name": "Audit Trail Integrity",
     "requirement_id": "A.8.15",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "identity",
     "control": "NI-09",
     "name": "Non-Human Identity Layer Evidence Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "identity",
     "control": "DE-09",
     "name": "Delegation Layer Evidence Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "identity",
     "control": "IF-09",
     "name": "Identity Federation Layer Evidence Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "identity",
     "control": "IM-09",
     "name": "Identity Monitoring Layer Evidence Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PE-01",
     "name": "Policy Evidence Archive",
     "relationship": "normative_requirement"
    }
   ],
   "by_domain": {
    "security": 1,
    "compliance": 7
   },
   "title": "ISO/IEC 27001:2022",
   "total": 13
  },
  {
   "source_id": "openid_oauth",
   "framework_refs": [
    {
     "domain": "identity",
     "control": "NI-02",
     "name": "Credential Issuance and Minimum Privilege",
     "requirement_id": "RFC 9396 §2",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-04",
     "name": "Just-In-Time Credential Issuance",
     "requirement_id": "RFC 9396 §6",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "DE-01",
     "name": "Delegation Chain Documentation",
     "requirement_id": "RFC 9396 §2",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "DE-02",
     "name": "Scope Boundary Enforcement",
     "requirement_id": "RFC 9396 §2",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "DE-04",
     "name": "Task-Scoped Delegation",
     "requirement_id": "RFC 9396 §2",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "DE-05",
     "name": "User Consent for Delegated AI Action",
     "requirement_id": "RFC 9396 §2",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "DE-08",
     "name": "Delegation Revocation Propagation",
     "requirement_id": "RFC 9396 §2",
     "fit": "adjacent"
    },
    {
     "domain": "identity",
     "control": "IF-02",
     "name": "OIDC/OAuth Federation Configuration",
     "requirement_id": "RFC 9396",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IF-06",
     "name": "Token Validation and Binding",
     "requirement_id": "RFC 9396 §2",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IF-06",
     "name": "Token Validation and Binding",
     "requirement_id": "RFC 9449 (DPoP)",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IC-04",
     "name": "Privileged Identity Management for AI",
     "requirement_id": "RFC 9449 (DPoP)",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IC-06",
     "name": "Third-Party Identity Provider Audit",
     "requirement_id": "OpenID Connect Core 1.0 §3.1",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IC-08",
     "name": "Identity Attestation Production",
     "requirement_id": "RFC 9396",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "identity": 13
   },
   "title": "openid_oauth",
   "total": 13
  },
  {
   "source_id": "oecd_cg",
   "framework_refs": [
    {
     "domain": "authority",
     "control": "PA-04",
     "name": "Principal Accountability Binding",
     "requirement_id": "IV — Disclosure and transparency",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PO-07",
     "name": "Third-Party Policy Requirements",
     "requirement_id": "II.F / IV.A — Related party transactions — approval and disclosure",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PR-01",
     "name": "AI Procurement Policy Integration",
     "requirement_id": "V.D — Board responsibilities — key functions (risk management oversight)",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PR-03",
     "name": "Vendor Qualification Enforcement",
     "requirement_id": "V.D — Board responsibilities — key functions (risk management oversight)",
     "fit": "adjacent"
    },
    {
     "domain": "authority",
     "control": "PG-07",
     "name": "Policy Governance Reporting",
     "requirement_id": "V.D — Board responsibilities — key functions (oversight, accountability, and disclosure)",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-02",
     "name": "Regulatory Disclosure Readiness",
     "requirement_id": "IV — Disclosure and transparency",
     "fit": "partial"
    },
    {
     "domain": "authority",
     "control": "PE-06",
     "name": "Board and Senior Management Policy Reporting",
     "requirement_id": "IV — Disclosure and transparency",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PA-04",
     "name": "Principal Accountability Binding",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PR-01",
     "name": "AI Procurement Policy Integration",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PR-03",
     "name": "Vendor Qualification Enforcement",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PG-07",
     "name": "Policy Governance Reporting",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PE-02",
     "name": "Regulatory Disclosure Readiness",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PE-06",
     "name": "Board and Senior Management Policy Reporting",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {
    "authority": 7
   },
   "title": "G20/OECD Principles of Corporate Governance 2023",
   "total": 13
  },
  {
   "source_id": "snowflake_horizon",
   "framework_refs": [
    {
     "domain": "data",
     "control": "DI-03",
     "name": "Cross-System Data Consistency Validation",
     "requirement_id": "Data Quality Monitoring (data metric functions)",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DM-04",
     "name": "Master Data Management for AI Systems",
     "requirement_id": "Object tagging",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DM-06",
     "name": "Data Schema Governance and Breaking Change Control",
     "requirement_id": "Access History",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DL-07",
     "name": "Data Lineage Tooling Governance",
     "requirement_id": "Access History (object dependency lineage)",
     "fit": "adjacent"
    },
    {
     "domain": "data",
     "control": "DV-04",
     "name": "AI Output Validation Rules",
     "requirement_id": "Data Quality — Quality Metric Functions",
     "fit": "adjacent"
    },
    {
     "domain": "data",
     "control": "DV-06",
     "name": "Validation Pipeline Monitoring",
     "requirement_id": "Snowflake Data Metric Functions — History",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "data",
     "control": "DX-03",
     "name": "API Contract Governance for AI Data Exchange",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DI-03",
     "name": "Cross-System Data Consistency Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DM-04",
     "name": "Master Data Management for AI Systems",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DM-06",
     "name": "Data Schema Governance and Breaking Change Control",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DL-07",
     "name": "Data Lineage Tooling Governance",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DV-04",
     "name": "AI Output Validation Rules",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DV-06",
     "name": "Validation Pipeline Monitoring",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "data": 6
   },
   "title": "Snowflake Horizon",
   "total": 13
  },
  {
   "source_id": "iso_31000",
   "framework_refs": [
    {
     "domain": "agentic",
     "control": "AB-03",
     "name": "Action Reversibility Classification and Gates",
     "requirement_id": "§6.5.2 — Selection of risk treatment options",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AB-06",
     "name": "Rate Limiting and Resource Budget Enforcement",
     "requirement_id": "§6.6 — Monitoring and review",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AT-07",
     "name": "Tool Usage Audit Trail",
     "requirement_id": "§6.7 — Recording and reporting",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AT-08",
     "name": "Tool Governance Evidence Package",
     "requirement_id": "§6.7 Recording and Reporting",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AO-05",
     "name": "Orchestration Loop and Escalation Detection",
     "requirement_id": "§6.6 — Monitoring and review",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-06",
     "name": "Cross-Organization Orchestration Trust Governance",
     "requirement_id": "§6.5 — Risk treatment",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AO-08",
     "name": "Orchestration Governance Evidence Package",
     "requirement_id": "§6.7",
     "fit": "partial"
    },
    {
     "domain": "agentic",
     "control": "AM-04",
     "name": "Resource Consumption Anomaly Monitoring",
     "requirement_id": "§6.6 — Monitoring and review",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AM-08",
     "name": "Monitoring Coverage Evidence Package",
     "requirement_id": "§6.7 — Recording and reporting",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-03",
     "name": "Agentic AI Risk Assessment Framework",
     "requirement_id": "§6.4",
     "fit": "direct"
    },
    {
     "domain": "agentic",
     "control": "AG-07",
     "name": "Continuous Improvement and Lessons Learned",
     "requirement_id": "§6.7",
     "fit": "partial"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "agentic": 11
   },
   "title": "ISO 31000:2018",
   "total": 11
  },
  {
   "source_id": "owasp_nhi_2025",
   "framework_refs": [
    {
     "domain": "security",
     "control": "IA-01",
     "name": "Give every agent its own distinct identity, never a shared or human login",
     "requirement_id": "NHI10 Human Use of NHI",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "requirement_id": "NHI7 Long-Lived Secrets",
     "fit": "direct"
    },
    {
     "domain": "security",
     "control": "PT-03",
     "name": "Verify skill/tool manifest integrity and sign the supply chain",
     "requirement_id": "NHI3 Vulnerable Third-Party NHI",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "II-01",
     "name": "AI Agent Identity Registry",
     "requirement_id": "NHI1:2025",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "NI-01",
     "name": "Identity Provisioning Gate",
     "requirement_id": "NHI2:2025, NHI5:2025",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "security",
     "control": "IA-01",
     "name": "Give every agent its own distinct identity, never a shared or human login",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-03",
     "name": "Verify skill/tool manifest integrity and sign the supply chain",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "II-01",
     "name": "AI Agent Identity Registry",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-01",
     "name": "Identity Provisioning Gate",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "security": 3,
    "identity": 2
   },
   "title": "OWASP Non-Human Identities Top 10",
   "total": 10
  },
  {
   "source_id": "edpb_opinion_28_2024",
   "framework_refs": [
    {
     "domain": "privacy",
     "control": "DC-02",
     "name": "Special Category Data Classification",
     "requirement_id": "Opinion §3",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DC-04",
     "name": "Consent Signal Validation",
     "requirement_id": "Opinion §3.2",
     "fit": "supporting"
    },
    {
     "domain": "privacy",
     "control": "DP-04",
     "name": "Inference Scope Limitation",
     "requirement_id": "inferred data §3",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "DP-05",
     "name": "Output PII Scrubbing",
     "requirement_id": "Opinion §3.2",
     "fit": "direct"
    },
    {
     "domain": "privacy",
     "control": "PM-02",
     "name": "Cross-Context Inference Monitoring",
     "requirement_id": "Opinion §3.3",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "privacy",
     "control": "DC-02",
     "name": "Special Category Data Classification",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "privacy",
     "control": "DC-04",
     "name": "Consent Signal Validation",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "privacy",
     "control": "DP-04",
     "name": "Inference Scope Limitation",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "privacy",
     "control": "DP-05",
     "name": "Output PII Scrubbing",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "privacy",
     "control": "PM-02",
     "name": "Cross-Context Inference Monitoring",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {
    "privacy": 5
   },
   "title": "EDPB Opinion 28/2024",
   "total": 10
  },
  {
   "source_id": "un_ethics_ai",
   "framework_refs": [
    {
     "domain": "ethics",
     "control": "EF-01",
     "name": "Ethics Principles Adoption and Operationalization",
     "requirement_id": "¶13–¶24 (Values)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EF-07",
     "name": "External Ethics Stakeholder Engagement",
     "requirement_id": "¶47 (Multi-stakeholder and adaptive governance)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "XP-02",
     "name": "Decision-Level Explanation Requirements",
     "requirement_id": "¶37–¶41 (Transparency and explainability)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "XP-06",
     "name": "Technical vs. Non-Technical Explanation Tiers",
     "requirement_id": "¶37–¶41 (Transparency and explainability)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-02",
     "name": "Human Dignity and Autonomy Preservation",
     "requirement_id": "¶35–¶36 (Human oversight and determination)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "HI-03",
     "name": "Vulnerable Population Protection",
     "requirement_id": "¶28–¶30 (Fairness and non-discrimination)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "HI-06",
     "name": "Consent and Agency Preservation for AI Interactions",
     "requirement_id": "¶37 (Transparency)",
     "fit": "direct"
    },
    {
     "domain": "ethics",
     "control": "FM-06",
     "name": "AI Performance Divergence by Demographic Group",
     "requirement_id": "¶28–¶30 (Fairness and non-discrimination)",
     "fit": "partial"
    },
    {
     "domain": "ethics",
     "control": "EG-03",
     "name": "Senior and Board-Level Ethics Accountability",
     "requirement_id": "¶47 (Multi-stakeholder and adaptive governance)",
     "fit": "adjacent"
    },
    {
     "domain": "ethics",
     "control": "EG-08",
     "name": "EthicsAttestation Production",
     "requirement_id": "¶47 (Multi-stakeholder and adaptive governance)",
     "fit": "adjacent"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "ethics": 10
   },
   "title": "UNESCO AI Ethics Recommendation",
   "total": 10
  },
  {
   "source_id": "omb_a_123",
   "framework_refs": [
    {
     "domain": "finance",
     "control": "MR-02",
     "name": "Model Risk Governance Policy Framework",
     "requirement_id": "Section II.A",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "MR-04",
     "name": "Model Risk Appetite and Material Model Thresholds",
     "requirement_id": "Section II.B",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FD-04",
     "name": "Model Output Disclosure to Financial Regulators",
     "requirement_id": "Section IV.A",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FC-01",
     "name": "SOX 302/404 Controls over AI-Generated Financial Data",
     "requirement_id": "Section III.A",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FC-08",
     "name": "Financial Controls Evidence Package",
     "requirement_id": "Section IV.A",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FP-03",
     "name": "Financial AI Risk Appetite Statement",
     "requirement_id": "Section II.B",
     "fit": "direct"
    },
    {
     "domain": "finance",
     "control": "FG-01",
     "name": "Finance AI Governance Structure",
     "requirement_id": "Section II.A",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-03",
     "name": "Board-Level Oversight of Financial AI Risk",
     "requirement_id": "Section III.A",
     "fit": "partial"
    },
    {
     "domain": "finance",
     "control": "FG-06",
     "name": "Financial AI Program Metrics and Board Reporting",
     "requirement_id": "Section VI",
     "fit": "adjacent"
    },
    {
     "domain": "finance",
     "control": "FG-07",
     "name": "Annual AI Governance Review",
     "requirement_id": "Section VI.A",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "finance": 10
   },
   "title": "OMB Circular A-123",
   "total": 10
  },
  {
   "source_id": "microsoft_azure_ai_search_2024",
   "framework_refs": [
    {
     "domain": "knowledge",
     "control": "KS-06",
     "name": "Knowledge Domain Boundary Definition",
     "requirement_id": "Azure AI Search index scope configuration",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KI-03",
     "name": "Ingestion Format Validation",
     "requirement_id": "Azure AI Search — Index Schema",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KR-06",
     "name": "Retrieval Performance Monitoring",
     "requirement_id": "Azure AI Search — monitoring and search traffic analytics",
     "fit": "direct"
    },
    {
     "domain": "knowledge",
     "control": "KC-08",
     "name": "Knowledge Currency Evidence Package",
     "requirement_id": "Azure AI Compliance — Evidence Collection for Audits",
     "fit": "adjacent"
    },
    {
     "domain": "knowledge",
     "control": "KM-02",
     "name": "Knowledge Base Segmentation and Access Control",
     "requirement_id": "Azure AI Search Security Filters",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "knowledge",
     "control": "KS-06",
     "name": "Knowledge Domain Boundary Definition",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KI-03",
     "name": "Ingestion Format Validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KR-06",
     "name": "Retrieval Performance Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KC-08",
     "name": "Knowledge Currency Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "knowledge",
     "control": "KM-02",
     "name": "Knowledge Base Segmentation and Access Control",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "knowledge": 5
   },
   "title": "Microsoft Azure AI Search & Grounding",
   "total": 10
  },
  {
   "source_id": "hashicorp_vault_aar_2026",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "IA-03",
     "name": "Act on the user's behalf with explicit approval for sensitive steps",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "IA-04",
     "name": "Check permission continuously at run time, not just once at login",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "GV-03",
     "name": "Define multi-agent authority and conflict resolution explicitly",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-01",
     "name": "Identity Provisioning Gate",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "NI-02",
     "name": "Credential Issuance and Minimum Privilege",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "agentic",
     "control": "AB-02",
     "name": "Tool-Call Authorization Policy",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "agentic",
     "control": "AT-02",
     "name": "Tool Permission Scoping",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PV-02",
     "name": "Operating Intent Boundary Validation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "authority",
     "control": "PA-01",
     "name": "Delegation of Authority Integration",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "HashiCorp Vault AI Agent Authorization Pattern",
   "total": 9
  },
  {
   "source_id": "iso_27031",
   "framework_refs": [
    {
     "domain": "resilience",
     "control": "RV-04",
     "name": "Recovery Capability Verification After Actual Incident",
     "requirement_id": "Cl. 11",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-01",
     "name": "AI-Specific Business Continuity Plan",
     "requirement_id": "Cl. 8",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-02",
     "name": "AI System Disaster Recovery Plan",
     "requirement_id": "Cl. 10",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-07",
     "name": "Recovery Plan Testing and Tabletop Exercises",
     "requirement_id": "Cl. 11",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RP-08",
     "name": "Recovery Planning Evidence Package",
     "requirement_id": "Cl. 10",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-04",
     "name": "Recovery Operations Communication Protocol",
     "requirement_id": "Cl. 11",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RO-08",
     "name": "Recovery Operations Evidence Package",
     "requirement_id": "Cl. 11",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RE-08",
     "name": "Resilience Engineering Evidence Package",
     "requirement_id": "Cl. 13",
     "fit": "adjacent"
    },
    {
     "domain": "resilience",
     "control": "RG-08",
     "name": "ResilienceAttestation Production",
     "requirement_id": "Cl. 13",
     "fit": "partial"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "resilience": 9
   },
   "title": "ISO/IEC 27031:2025",
   "total": 9
  },
  {
   "source_id": "plot4ai",
   "framework_refs": [
    {
     "domain": "ethics",
     "control": "EG-09",
     "name": "Environmental Sustainability and Compute Impact Disclosure",
     "requirement_id": "safety-and-environmental-impact",
     "fit": "supporting"
    },
    {
     "domain": "ethics",
     "control": "XP-09",
     "name": "AI Interface Accessibility Conformance",
     "requirement_id": "transparency-and-accessibility",
     "fit": "supporting"
    }
   ],
   "source_refs": [
    {
     "domain": "privacy",
     "control": "DC-01",
     "name": "Personal Data Inventory",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "privacy",
     "control": "DG-01",
     "name": "Data Processing Register",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "ethics",
     "control": "EF-04",
     "name": "Ethics Impact Assessment Framework",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "ethics",
     "control": "FA-02",
     "name": "Algorithmic Bias Impact Assessment",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "ethics",
     "control": "EG-09",
     "name": "Environmental Sustainability and Compute Impact Disclosure",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "ethics",
     "control": "XP-09",
     "name": "AI Interface Accessibility Conformance",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {
    "ethics": 2
   },
   "title": "PLOT4ai Threat Library",
   "total": 8
  },
  {
   "source_id": "dpdp",
   "framework_refs": [
    {
     "domain": "privacy",
     "control": "DC-03",
     "name": "Consent Registry",
     "requirement_id": "s. 6",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DC-05",
     "name": "Consent Withdrawal Processing",
     "requirement_id": "s. 6(4)",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DS-01",
     "name": "Rights Request Reception",
     "requirement_id": "data principal rights ch. III",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PC-01",
     "name": "Regulatory Obligation Mapping",
     "requirement_id": "s. 3",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "privacy",
     "control": "DC-03",
     "name": "Consent Registry",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DC-05",
     "name": "Consent Withdrawal Processing",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DS-01",
     "name": "Rights Request Reception",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PC-01",
     "name": "Regulatory Obligation Mapping",
     "relationship": "normative_requirement"
    }
   ],
   "by_domain": {
    "privacy": 4
   },
   "title": "India DPDP Act 2023",
   "total": 8
  },
  {
   "source_id": "aws_lake_formation_macie_2024",
   "framework_refs": [
    {
     "domain": "data",
     "control": "DI-02",
     "name": "Tamper Detection for AI Inference Inputs",
     "requirement_id": "AWS Glue Schema Registry",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DI-05",
     "name": "Database and Storage Integrity Monitoring",
     "requirement_id": "Amazon S3 — Object Integrity and Checksums",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DM-02",
     "name": "Data Classification and Sensitivity Tagging at Rest",
     "requirement_id": "Amazon Macie",
     "fit": "partial"
    },
    {
     "domain": "data",
     "control": "DV-07",
     "name": "Data Validation Tooling Governance",
     "requirement_id": "AWS Glue Data Quality (DQDL rulesets)",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "data",
     "control": "DI-02",
     "name": "Tamper Detection for AI Inference Inputs",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DI-05",
     "name": "Database and Storage Integrity Monitoring",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DM-02",
     "name": "Data Classification and Sensitivity Tagging at Rest",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DV-07",
     "name": "Data Validation Tooling Governance",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "data": 4
   },
   "title": "AWS data governance services (Lake Formation, Macie, Glue, S3)",
   "total": 8
  },
  {
   "source_id": "deepmind_ai_control",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "GV-02",
     "name": "Keep an immutable, tamper-evident audit trail of what the agent did",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "RT-03",
     "name": "Supervise the agent's reasoning and check it matches its actions",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "RT-04",
     "name": "Detect anomalies and trigger pause, kill switch, or containment",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "RT-07",
     "name": "Detect multi-agent collusion and covert channels",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "RT-08",
     "name": "Monitor latent and representation-level signals, not just visible reasoning",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "AS-03",
     "name": "Gate releases on continuous adversarial validation",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "AS-08",
     "name": "Harden and assure the security control plane as tier-zero infrastructure",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "AI Control: Improving Safety Despite Intentional Subversion",
   "total": 7
  },
  {
   "source_id": "cisa_agentic",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "IA-03",
     "name": "Act on the user's behalf with explicit approval for sensitive steps",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "security",
     "control": "IA-05",
     "name": "Find and inventory every agent, surface the shadow ones",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "security",
     "control": "EC-10",
     "name": "Verify trigger provenance and admit autonomous runs",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "security",
     "control": "GV-01",
     "name": "Require a human hard-stop for irreversible actions",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "security",
     "control": "GV-09",
     "name": "Anchor a named business owner to every agent (accountability)",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "security",
     "control": "GV-11",
     "name": "Plan recovery and compensation for actions the agent already committed",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {},
   "title": "CISA: Careful Adoption of Agentic AI Services",
   "total": 6
  },
  {
   "source_id": "crowdstrike_aidr",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "IA-05",
     "name": "Find and inventory every agent, surface the shadow ones",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "RT-01",
     "name": "Capture OS-level telemetry of what the agent actually does",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "RT-02",
     "name": "Detect direct and indirect prompt injection at every input and output",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "RT-04",
     "name": "Detect anomalies and trigger pause, kill switch, or containment",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "RT-05",
     "name": "Apply data-loss prevention to agent egress and interactions",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "CrowdStrike Falcon AIDR",
   "total": 6
  },
  {
   "source_id": "ms_agent_governance_toolkit",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "EC-04",
     "name": "Limit filesystem and tool access to the bare minimum",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-03",
     "name": "Verify skill/tool manifest integrity and sign the supply chain",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "GV-01",
     "name": "Require a human hard-stop for irreversible actions",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "GV-04",
     "name": "Enforce policy as code at run time, in the request path",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "AS-02",
     "name": "Statically analyze agent skills and manifests in CI",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "Microsoft Agent Governance Toolkit",
   "total": 6
  },
  {
   "source_id": "etsi_gr_sai_005",
   "framework_refs": [
    {
     "domain": "model",
     "control": "EV-11",
     "name": "Backdoor and Trojan Detection Scanning",
     "requirement_id": "5.3",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "EV-12",
     "name": "Model Inversion and Reconstruction Resistance",
     "requirement_id": "6.4",
     "fit": "supporting"
    }
   ],
   "source_refs": [
    {
     "domain": "model",
     "control": "TG-04",
     "name": "Data Poisoning Prevention",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "EV-04",
     "name": "Adversarial Red-Team Testing",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "EV-11",
     "name": "Backdoor and Trojan Detection Scanning",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "EV-12",
     "name": "Model Inversion and Reconstruction Resistance",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {
    "model": 2
   },
   "title": "ETSI GR SAI 005",
   "total": 6
  },
  {
   "source_id": "uk_duaa",
   "framework_refs": [
    {
     "domain": "privacy",
     "control": "DC-07",
     "name": "Children's Data Controls",
     "requirement_id": "children provisions",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DG-03",
     "name": "International Transfer Mechanism Registry",
     "requirement_id": "international transfer provisions",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DG-04",
     "name": "Transfer Impact Assessment",
     "requirement_id": "TIA equivalent",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DS-03",
     "name": "Access Request Fulfillment",
     "requirement_id": "access rights provisions",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "DS-07",
     "name": "Objection and Restriction Processing",
     "requirement_id": "automated decision rights",
     "fit": "partial"
    },
    {
     "domain": "privacy",
     "control": "PC-03",
     "name": "Jurisdiction-Specific Compliance Package",
     "requirement_id": "Data protection complaints procedure",
     "fit": "partial"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "privacy": 6
   },
   "title": "UK Data (Use and Access) Act 2025",
   "total": 6
  },
  {
   "source_id": "uk_duaa_2025",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "privacy",
     "control": "DC-07",
     "name": "Children's Data Controls",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DG-03",
     "name": "International Transfer Mechanism Registry",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DG-04",
     "name": "Transfer Impact Assessment",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DS-03",
     "name": "Access Request Fulfillment",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "DS-07",
     "name": "Objection and Restriction Processing",
     "relationship": "normative_requirement"
    },
    {
     "domain": "privacy",
     "control": "PC-03",
     "name": "Jurisdiction-Specific Compliance Package",
     "relationship": "normative_requirement"
    }
   ],
   "by_domain": {},
   "title": "Data (Use and Access) Act 2025 (UK DUAA)",
   "total": 6
  },
  {
   "source_id": "eidas2",
   "framework_refs": [
    {
     "domain": "identity",
     "control": "DE-06",
     "name": "Cross-Organizational Delegation Governance",
     "requirement_id": "Art. 6",
     "fit": "adjacent"
    },
    {
     "domain": "identity",
     "control": "IF-01",
     "name": "Identity Federation Trust Framework",
     "requirement_id": "Arts. 19a, 21, 24",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IF-04",
     "name": "DID-Based Cryptographic Agent Identity",
     "requirement_id": "Art. 5a",
     "fit": "adjacent"
    },
    {
     "domain": "identity",
     "control": "IF-05",
     "name": "eIDAS 2.0 Qualified Attestation for EU Operations",
     "requirement_id": "Arts. 45b–45h",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IC-05",
     "name": "Identity Compliance Mapping",
     "requirement_id": "Regulation (EU) 2024/1183",
     "fit": "partial"
    },
    {
     "domain": "identity",
     "control": "IC-06",
     "name": "Third-Party Identity Provider Audit",
     "requirement_id": "Arts. 20–24",
     "fit": "partial"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "identity": 6
   },
   "title": "eIDAS 2.0",
   "total": 6
  },
  {
   "source_id": "w3c_prov",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "knowledge",
     "control": "KI-07",
     "name": "Ingestion Audit Trail",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KI-08",
     "name": "Knowledge Ingestion Evidence Package",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KR-07",
     "name": "Retrieval Audit Trail",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KR-08",
     "name": "Knowledge Retrieval Evidence Package",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KG-04",
     "name": "Knowledge Risk Assessment",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "knowledge",
     "control": "KG-08",
     "name": "KnowledgeAttestation Production",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "W3C PROV Data Model",
   "total": 6
  },
  {
   "source_id": "csa_maestro",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "EC-01",
     "name": "Run the agent in a sandbox, from process isolation up to micro-VMs",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "EC-02",
     "name": "Filter the agent's outbound network traffic",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "GV-03",
     "name": "Define multi-agent authority and conflict resolution explicitly",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "RT-01",
     "name": "Capture OS-level telemetry of what the agent actually does",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "RT-07",
     "name": "Detect multi-agent collusion and covert channels",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "CSA MAESTRO Framework",
   "total": 5
  },
  {
   "source_id": "plaskett_coding_agent_security",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "EC-01",
     "name": "Run the agent in a sandbox, from process isolation up to micro-VMs",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "EC-04",
     "name": "Limit filesystem and tool access to the bare minimum",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "EC-09",
     "name": "Treat the workspace and its config and hooks as untrusted",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "RT-02",
     "name": "Detect direct and indirect prompt injection at every input and output",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "NCC Group: AI Coding Agent Security",
   "total": 5
  },
  {
   "source_id": "ncsc_cisa_secure_ai_2023",
   "framework_refs": [
    {
     "domain": "security",
     "control": "AS-01",
     "name": "Adversarially red-team and evaluate the agent before launch",
     "requirement_id": "deployment.release-ai-responsibly",
     "fit": "supporting"
    }
   ],
   "source_refs": [
    {
     "domain": "security",
     "control": "GV-02",
     "name": "Keep an immutable, tamper-evident audit trail of what the agent did",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "security",
     "control": "RT-06",
     "name": "Map AI-native threats, extend ATT&CK/ATLAS to agentic orchestration",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "LI-03",
     "name": "Supply Chain Integrity — Third-Party Model Verification and Cryptographic...",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "agentic",
     "control": "AG-02",
     "name": "Agent Deployment Policy and Pre-Deployment Review Gate",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {
    "security": 1
   },
   "title": "NCSC/CISA Secure AI Dev Guidelines",
   "total": 5
  },
  {
   "source_id": "owasp_ml_top10",
   "framework_refs": [
    {
     "domain": "model",
     "control": "LI-03",
     "name": "Supply Chain Integrity — Third-Party Model Verification and Cryptographic...",
     "requirement_id": "ML06:2023",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "TG-04",
     "name": "Data Poisoning Prevention",
     "requirement_id": "ML02:2023",
     "fit": "supporting"
    },
    {
     "domain": "model",
     "control": "EV-11",
     "name": "Backdoor and Trojan Detection Scanning",
     "requirement_id": "ML10:2023",
     "fit": "partial"
    },
    {
     "domain": "model",
     "control": "EV-12",
     "name": "Model Inversion and Reconstruction Resistance",
     "requirement_id": "ML03:2023",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "security",
     "control": "AS-01",
     "name": "Adversarially red-team and evaluate the agent before launch",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {
    "model": 4
   },
   "title": "OWASP ML Security Top 10",
   "total": 5
  },
  {
   "source_id": "databricks_omnigent_2026",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "identity",
     "control": "DE-04",
     "name": "Task-Scoped Delegation",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "agentic",
     "control": "AB-01",
     "name": "Authorized Action Scope Manifest",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "agentic",
     "control": "AT-02",
     "name": "Tool Permission Scoping",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "authority",
     "control": "PV-01",
     "name": "Operating Intent Declaration",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "authority",
     "control": "PA-02",
     "name": "Approval Limit Enforcement",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {},
   "title": "Databricks Omnigent — Contextual Policies",
   "total": 5
  },
  {
   "source_id": "eidas2_2024_1183",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "identity",
     "control": "DE-06",
     "name": "Cross-Organizational Delegation Governance",
     "relationship": "normative_requirement"
    },
    {
     "domain": "identity",
     "control": "IF-01",
     "name": "Identity Federation Trust Framework",
     "relationship": "normative_requirement"
    },
    {
     "domain": "identity",
     "control": "IF-04",
     "name": "DID-Based Cryptographic Agent Identity",
     "relationship": "normative_requirement"
    },
    {
     "domain": "identity",
     "control": "IF-05",
     "name": "eIDAS 2.0 Qualified Attestation for EU Operations",
     "relationship": "normative_requirement"
    },
    {
     "domain": "identity",
     "control": "IC-06",
     "name": "Third-Party Identity Provider Audit",
     "relationship": "normative_requirement"
    }
   ],
   "by_domain": {},
   "title": "eIDAS 2.0 — Regulation (EU) 2024/1183",
   "total": 5
  },
  {
   "source_id": "cis_controls_v8",
   "framework_refs": [
    {
     "domain": "resilience",
     "control": "RP-04",
     "name": "RAG Index and Knowledge Base Recovery Plan",
     "requirement_id": "CIS Control 11",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-03",
     "name": "Data Recovery and Integrity Verification Post-Incident",
     "requirement_id": "Control 11",
     "fit": "direct"
    },
    {
     "domain": "resilience",
     "control": "RO-06",
     "name": "Recovery Operations Audit Trail",
     "requirement_id": "Control 8.2",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "FO-04",
     "name": "Input Validation and Malformed Request Handling",
     "requirement_id": "Control 16 — Application Software Security",
     "fit": "partial"
    },
    {
     "domain": "resilience",
     "control": "RE-03",
     "name": "Data Redundancy and Backup Governance",
     "requirement_id": "Control 11",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "resilience": 5
   },
   "title": "CIS Controls v8",
   "total": 5
  },
  {
   "source_id": "aicpa-soc2",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PA-07",
     "name": "Approval Record and Audit Trail",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PR-05",
     "name": "SLA Commitment Governance",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PR-08",
     "name": "Procurement Audit Trail",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PE-03",
     "name": "Internal Audit Support Package",
     "relationship": "normative_requirement"
    },
    {
     "domain": "authority",
     "control": "PE-08",
     "name": "Policy Attestation",
     "relationship": "normative_requirement"
    }
   ],
   "by_domain": {},
   "title": "AICPA SOC 2 Trust Services Criteria",
   "total": 5
  },
  {
   "source_id": "dcam",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "data",
     "control": "DX-02",
     "name": "Inter-System Data Transfer Authorization",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DI-07",
     "name": "Data Integrity Incident Response",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DM-08",
     "name": "Data Management Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DL-08",
     "name": "Data Lineage Evidence Package",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DV-08",
     "name": "DataGovernanceAttestation Production",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "DCAM v2.2",
   "total": 5
  },
  {
   "source_id": "did_vc",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "IA-01",
     "name": "Give every agent its own distinct identity, never a shared or human login",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "IA-06",
     "name": "Bind a signed, end-to-end provenance chain to every agent action",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-01",
     "name": "Authenticate and sign agent-to-agent communication",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "GV-02",
     "name": "Keep an immutable, tamper-evident audit trail of what the agent did",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "W3C DID v1.0 & Verifiable Credentials",
   "total": 4
  },
  {
   "source_id": "ping_identity_ai",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "IA-01",
     "name": "Give every agent its own distinct identity, never a shared or human login",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "IA-04",
     "name": "Check permission continuously at run time, not just once at login",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "RT-05",
     "name": "Apply data-loss prevention to agent egress and interactions",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "Ping Identity: Identity for AI Guide",
   "total": 4
  },
  {
   "source_id": "auth0_genai",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "IA-03",
     "name": "Act on the user's behalf with explicit approval for sensitive steps",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "EC-07",
     "name": "Trust-rank retrieved content before it enters the agent's context",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "GV-01",
     "name": "Require a human hard-stop for irreversible actions",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "Auth0 for AI Agents",
   "total": 4
  },
  {
   "source_id": "csa_agent_survey",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "IA-05",
     "name": "Find and inventory every agent, surface the shadow ones",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "GV-05",
     "name": "Run an AI management system and tier agents by their autonomy",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "GV-09",
     "name": "Anchor a named business owner to every agent (accountability)",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "CSA: Securing Autonomous AI Agents",
   "total": 4
  },
  {
   "source_id": "google_saif2",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "EC-01",
     "name": "Run the agent in a sandbox, from process isolation up to micro-VMs",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-04",
     "name": "Validate tool input/output, treat tool results as untrusted",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "RT-02",
     "name": "Detect direct and indirect prompt injection at every input and output",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "AS-06",
     "name": "Verify model-weights and training-data provenance before load",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "Google SAIF v2",
   "total": 4
  },
  {
   "source_id": "anthropic_mcp",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "EC-02",
     "name": "Filter the agent's outbound network traffic",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-04",
     "name": "Validate tool input/output, treat tool results as untrusted",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-07",
     "name": "Verify tool descriptions for hidden instructions (description injection)",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "Model Context Protocol",
   "total": 4
  },
  {
   "source_id": "databricks_dasf3",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "EC-07",
     "name": "Trust-rank retrieved content before it enters the agent's context",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "GV-02",
     "name": "Keep an immutable, tamper-evident audit trail of what the agent did",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "GV-03",
     "name": "Define multi-agent authority and conflict resolution explicitly",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "GV-08",
     "name": "Make high-impact actions transactional, atomic, idempotent, state-checked",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "Databricks DASF v3.0",
   "total": 4
  },
  {
   "source_id": "aws_scoping_matrix",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "EC-10",
     "name": "Verify trigger provenance and admit autonomous runs",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "GV-01",
     "name": "Require a human hard-stop for irreversible actions",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "GV-05",
     "name": "Run an AI management system and tier agents by their autonomy",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "GV-11",
     "name": "Plan recovery and compensation for actions the agent already committed",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "AWS Generative AI Security Scoping Matrix",
   "total": 4
  },
  {
   "source_id": "owasp_agentic_threats",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "PT-04",
     "name": "Validate tool input/output, treat tool results as untrusted",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-06",
     "name": "Sanitize model-generated tool parameters, not just the schema",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-07",
     "name": "Verify tool descriptions for hidden instructions (description injection)",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-08",
     "name": "Enforce an instruction hierarchy so tool output cannot give the agent orders",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "OWASP Agentic AI Threats and Mitigations",
   "total": 4
  },
  {
   "source_id": "eu_data_gov_act_2022_868",
   "framework_refs": [
    {
     "domain": "privacy",
     "control": "DG-01",
     "name": "Data Processing Register",
     "requirement_id": "Art. 20 (transparency requirements for data altruism organisations)",
     "fit": "supporting"
    },
    {
     "domain": "data",
     "control": "DA-01",
     "name": "AI Data Access Authorization Framework",
     "requirement_id": "Art. 5-6 (Conditions for re-use)",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "privacy",
     "control": "DG-01",
     "name": "Data Processing Register",
     "relationship": "normative_requirement"
    },
    {
     "domain": "data",
     "control": "DA-01",
     "name": "AI Data Access Authorization Framework",
     "relationship": "normative_requirement"
    }
   ],
   "by_domain": {
    "privacy": 1,
    "data": 1
   },
   "title": "EU Data Governance Act — Regulation (EU) 2022/868",
   "total": 4
  },
  {
   "source_id": "owasp_aivss",
   "framework_refs": [
    {
     "domain": "agentic",
     "control": "AG-03",
     "name": "Agentic AI Risk Assessment Framework",
     "requirement_id": "AIVSS-AARS",
     "fit": "supporting"
    }
   ],
   "source_refs": [
    {
     "domain": "agentic",
     "control": "AG-02",
     "name": "Agent Deployment Policy and Pre-Deployment Review Gate",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "agentic",
     "control": "AG-03",
     "name": "Agentic AI Risk Assessment Framework",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "agentic",
     "control": "AG-06",
     "name": "Agent Program Metrics and KPIs",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {
    "agentic": 1
   },
   "title": "OWASP AIVSS v0.8",
   "total": 4
  },
  {
   "source_id": "ms_failure_taxonomy",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "EC-03",
     "name": "Keep memory short-lived, and validate anything written to it",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "GV-11",
     "name": "Plan recovery and compensation for actions the agent already committed",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "AS-01",
     "name": "Adversarially red-team and evaluate the agent before launch",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "Taxonomy of Failure Modes in Agentic AI Systems",
   "total": 3
  },
  {
   "source_id": "containment_gap",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "EC-03",
     "name": "Keep memory short-lived, and validate anything written to it",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "EC-08",
     "name": "Keep secrets out of the prompt and context",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "EC-09",
     "name": "Treat the workspace and its config and hooks as untrusted",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "Quantifying LLM Container Sandbox Escape",
   "total": 3
  },
  {
   "source_id": "cisa_sbom_ai",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "PT-03",
     "name": "Verify skill/tool manifest integrity and sign the supply chain",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "security",
     "control": "AS-02",
     "name": "Statically analyze agent skills and manifests in CI",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "security",
     "control": "AS-06",
     "name": "Verify model-weights and training-data provenance before load",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {},
   "title": "CISA: Software Bill of Materials for AI",
   "total": 3
  },
  {
   "source_id": "openai_governing_agentic",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "GV-07",
     "name": "Protect humans from being deceived by an agent",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "GV-10",
     "name": "Enable end-user responsibility and guard against automation bias",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "RT-04",
     "name": "Detect anomalies and trigger pause, kill switch, or containment",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "OpenAI Practices for Governing Agentic AI",
   "total": 3
  },
  {
   "source_id": "anthropic_glasswing",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "RT-03",
     "name": "Supervise the agent's reasoning and check it matches its actions",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "RT-08",
     "name": "Monitor latent and representation-level signals, not just visible reasoning",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "AS-05",
     "name": "Study frontier offensive capability before public release",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "Project Glasswing",
   "total": 3
  },
  {
   "source_id": "biml_llm_ara",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "model",
     "control": "LI-05",
     "name": "Training Data Lineage Pointer — Link from Model Registry to TG-Layer Dataset...",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "TG-01",
     "name": "Training Data Quality Gates",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "BH-09",
     "name": "Synthetic-Content Provenance, Disclosure and Traceability",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {},
   "title": "BIML LLM Risk Analysis",
   "total": 3
  },
  {
   "source_id": "iso_42005_2025",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "model",
     "control": "EV-02",
     "name": "Fitness, Safety, Reliability and Policy-Conformance Evaluation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-05",
     "name": "Fairness and Bias Evaluation",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-09",
     "name": "Risk and Applicability Classification",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "ISO/IEC 42005:2025",
   "total": 3
  },
  {
   "source_id": "nis2",
   "framework_refs": [
    {
     "domain": "compliance",
     "control": "RF-02",
     "name": "EU AI Act Conformity Assessment Pathway Selection",
     "requirement_id": "Art. 21 (Cybersecurity risk management)",
     "fit": "supporting"
    }
   ],
   "source_refs": [
    {
     "domain": "compliance",
     "control": "RF-02",
     "name": "EU AI Act Conformity Assessment Pathway Selection",
     "relationship": "normative_requirement"
    },
    {
     "domain": "identity",
     "control": "IC-05",
     "name": "Identity Compliance Mapping",
     "relationship": "normative_requirement"
    }
   ],
   "by_domain": {
    "compliance": 1
   },
   "title": "EU NIS2 Directive",
   "total": 3
  },
  {
   "source_id": "w3c_did_core",
   "framework_refs": [
    {
     "domain": "identity",
     "control": "IF-04",
     "name": "DID-Based Cryptographic Agent Identity",
     "requirement_id": "§4–§5",
     "fit": "direct"
    },
    {
     "domain": "identity",
     "control": "IF-05",
     "name": "eIDAS 2.0 Qualified Attestation for EU Operations",
     "requirement_id": "§4–§5",
     "fit": "adjacent"
    },
    {
     "domain": "identity",
     "control": "IC-08",
     "name": "Identity Attestation Production",
     "requirement_id": "§5.3",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "identity": 3
   },
   "title": "w3c_did_core",
   "total": 3
  },
  {
   "source_id": "w3c_did",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "identity",
     "control": "IF-04",
     "name": "DID-Based Cryptographic Agent Identity",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IF-05",
     "name": "eIDAS 2.0 Qualified Attestation for EU Operations",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "identity",
     "control": "IC-08",
     "name": "Identity Attestation Production",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "W3C DID v1.0",
   "total": 3
  },
  {
   "source_id": "cisa_ai_roadmap",
   "framework_refs": [
    {
     "domain": "agentic",
     "control": "AG-03",
     "name": "Agentic AI Risk Assessment Framework",
     "requirement_id": "Roadmap for AI — Line of Effort 2 (Assure AI Systems)",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AG-05",
     "name": "Agent Incident Response Program",
     "requirement_id": "Roadmap for AI — Line of Effort 3 (Protect Critical Infrastructure from Malicious Use of AI)",
     "fit": "adjacent"
    },
    {
     "domain": "agentic",
     "control": "AG-07",
     "name": "Continuous Improvement and Lessons Learned",
     "requirement_id": "Roadmap for AI — Line of Effort 4 (Collaborate and Communicate on Key AI Efforts)",
     "fit": "adjacent"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "agentic": 3
   },
   "title": "cisa_ai_roadmap",
   "total": 3
  },
  {
   "source_id": "acc_legal_ops_contract_mgmt",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PO-04",
     "name": "Contract Term Conflict Detection",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-04",
     "name": "Contract Review Gate Compliance",
     "relationship": "informative_reference"
    },
    {
     "domain": "authority",
     "control": "PR-06",
     "name": "AI in Contract Negotiation Controls",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "ACC Legal Operations Contract Management Best Practices",
   "total": 3
  },
  {
   "source_id": "spiffe_spire",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "IA-01",
     "name": "Give every agent its own distinct identity, never a shared or human login",
     "relationship": "informative_reference"
    },
    {
     "domain": "identity",
     "control": "NI-01",
     "name": "Identity Provisioning Gate",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "SPIFFE/SPIRE",
   "total": 2
  },
  {
   "source_id": "nist_nccoe_agent_id",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "IA-01",
     "name": "Give every agent its own distinct identity, never a shared or human login",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "security",
     "control": "IA-04",
     "name": "Check permission continuously at run time, not just once at login",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {},
   "title": "NIST NCCoE AI Agent Identity",
   "total": 2
  },
  {
   "source_id": "nist_ai_rmf_playbook",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "IA-01",
     "name": "Give every agent its own distinct identity, never a shared or human login",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "security",
     "control": "RT-04",
     "name": "Detect anomalies and trigger pause, kill switch, or containment",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {},
   "title": "NIST AI RMF Playbook",
   "total": 2
  },
  {
   "source_id": "oidc_ciba",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "IA-03",
     "name": "Act on the user's behalf with explicit approval for sensitive steps",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "OpenID Connect CIBA",
   "total": 2
  },
  {
   "source_id": "ms_copilot_studio_governance",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "IA-05",
     "name": "Find and inventory every agent, surface the shadow ones",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "AS-08",
     "name": "Harden and assure the security control plane as tier-zero infrastructure",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "Microsoft Copilot Studio Security and Governance",
   "total": 2
  },
  {
   "source_id": "a2a_spec",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "IA-06",
     "name": "Bind a signed, end-to-end provenance chain to every agent action",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "PT-01",
     "name": "Authenticate and sign agent-to-agent communication",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "A2A Protocol",
   "total": 2
  },
  {
   "source_id": "anthropic_gtg1002",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "RT-06",
     "name": "Map AI-native threats, extend ATT&CK/ATLAS to agentic orchestration",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "Anthropic GTG-1002 Report",
   "total": 2
  },
  {
   "source_id": "openai_agent_builder_safety",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "PT-08",
     "name": "Enforce an instruction hierarchy so tool output cannot give the agent orders",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "RT-02",
     "name": "Detect direct and indirect prompt injection at every input and output",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "OpenAI Agent Builder Safety",
   "total": 2
  },
  {
   "source_id": "cosai_oasis",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "GV-05",
     "name": "Run an AI management system and tier agents by their autonomy",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "security",
     "control": "AS-08",
     "name": "Harden and assure the security control plane as tier-zero infrastructure",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "CoSAI: Coalition for Secure AI",
   "total": 2
  },
  {
   "source_id": "ms_pyrit",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "RT-02",
     "name": "Detect direct and indirect prompt injection at every input and output",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "AS-01",
     "name": "Adversarially red-team and evaluate the agent before launch",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "Microsoft PyRIT",
   "total": 2
  },
  {
   "source_id": "anthropic_attack_navigator",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "RT-06",
     "name": "Map AI-native threats, extend ATT&CK/ATLAS to agentic orchestration",
     "relationship": "informative_reference"
    },
    {
     "domain": "security",
     "control": "AS-01",
     "name": "Adversarially red-team and evaluate the agent before launch",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "Anthropic LLM ATT&CK Navigator",
   "total": 2
  },
  {
   "source_id": "openai_preparedness_v2",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "AS-05",
     "name": "Study frontier offensive capability before public release",
     "relationship": "implementation_pattern"
    },
    {
     "domain": "model",
     "control": "EV-03",
     "name": "Dangerous Capability Threshold Assessment",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "OpenAI Preparedness Framework v2",
   "total": 2
  },
  {
   "source_id": "owasp_aisvs",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "EC-11",
     "name": "AI Accelerator Firmware and Trusted Execution Integrity",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "agentic",
     "control": "AB-09",
     "name": "Comprehensive Input Validation and Multimodal Screening",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {},
   "title": "OWASP AISVS 1.0",
   "total": 2
  },
  {
   "source_id": "bsi_ai_fundamentals",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "model",
     "control": "TG-04",
     "name": "Data Poisoning Prevention",
     "relationship": "supporting_guidance"
    },
    {
     "domain": "model",
     "control": "EV-04",
     "name": "Adversarial Red-Team Testing",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {},
   "title": "BSI Security of AI-Systems: Fundamentals",
   "total": 2
  },
  {
   "source_id": "lgpd",
   "framework_refs": [
    {
     "domain": "privacy",
     "control": "DC-01",
     "name": "Personal Data Inventory",
     "requirement_id": "Art. 37",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "privacy",
     "control": "DC-01",
     "name": "Personal Data Inventory",
     "relationship": "normative_requirement"
    }
   ],
   "by_domain": {
    "privacy": 1
   },
   "title": "Brazil LGPD",
   "total": 2
  },
  {
   "source_id": "china_pipl_2021",
   "framework_refs": [
    {
     "domain": "privacy",
     "control": "DC-01",
     "name": "Personal Data Inventory",
     "requirement_id": "Art. 55 (protection impact assessment)",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "privacy",
     "control": "DC-01",
     "name": "Personal Data Inventory",
     "relationship": "normative_requirement"
    }
   ],
   "by_domain": {
    "privacy": 1
   },
   "title": "China Personal Information Protection Law (PIPL)",
   "total": 2
  },
  {
   "source_id": "quebec_law_25_2021",
   "framework_refs": [
    {
     "domain": "privacy",
     "control": "DC-01",
     "name": "Personal Data Inventory",
     "requirement_id": "s. 3.3 (Privacy Impact Assessment)",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "privacy",
     "control": "DC-01",
     "name": "Personal Data Inventory",
     "relationship": "normative_requirement"
    }
   ],
   "by_domain": {
    "privacy": 1
   },
   "title": "Quebec Act Respecting the Protection of Personal Information in the Private Sector (Law 25)",
   "total": 2
  },
  {
   "source_id": "iso_23894",
   "framework_refs": [
    {
     "domain": "ethics",
     "control": "EF-01",
     "name": "Ethics Principles Adoption and Operationalization",
     "requirement_id": "Clause 4 (Risk management principles)",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "ethics",
     "control": "EF-01",
     "name": "Ethics Principles Adoption and Operationalization",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {
    "ethics": 1
   },
   "title": "ISO/IEC 23894:2023",
   "total": 2
  },
  {
   "source_id": "eeoc_ai_hiring_2023",
   "framework_refs": [
    {
     "domain": "ethics",
     "control": "FA-01",
     "name": "Protected Characteristic Identification and Scope",
     "requirement_id": "Adverse impact assessment under Title VII (Q&A technical assistance; no numbered sections)",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "ethics",
     "control": "FA-01",
     "name": "Protected Characteristic Identification and Scope",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {
    "ethics": 1
   },
   "title": "EEOC — Select Issues: Assessing Adverse Impact in Software, Algorithms, and Artificial Intelligence Used in Employment Selection Procedures Under Title VII",
   "total": 2
  },
  {
   "source_id": "doj_ai_guidance_2023",
   "framework_refs": [
    {
     "domain": "ethics",
     "control": "FA-01",
     "name": "Protected Characteristic Identification and Scope",
     "requirement_id": "ADA application to algorithmic hiring tools ('screen out' discrimination)",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "ethics",
     "control": "FA-01",
     "name": "Protected Characteristic Identification and Scope",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {
    "ethics": 1
   },
   "title": "DOJ — Algorithms, Artificial Intelligence, and Disability Discrimination in Hiring",
   "total": 2
  },
  {
   "source_id": "ftc_ai_bias_2022",
   "framework_refs": [
    {
     "domain": "ethics",
     "control": "FA-02",
     "name": "Algorithmic Bias Impact Assessment",
     "requirement_id": "FTC Act §5 (unfair or deceptive practices) — 2021 blog guidance (no numbered sections)",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "ethics",
     "control": "FA-02",
     "name": "Algorithmic Bias Impact Assessment",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {
    "ethics": 1
   },
   "title": "FTC — Aiming for Truth, Fairness, and Equity in Your Company's Use of AI",
   "total": 2
  },
  {
   "source_id": "occ_2024_7",
   "framework_refs": [
    {
     "domain": "finance",
     "control": "MR-01",
     "name": "SR 26-2 Model Inventory and Risk Tiering",
     "requirement_id": "Model Risk Management booklet (2021)",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "finance",
     "control": "MR-01",
     "name": "SR 26-2 Model Inventory and Risk Tiering",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {
    "finance": 1
   },
   "title": "OCC Comptroller's Handbook — Model Risk Management",
   "total": 2
  },
  {
   "source_id": "ffiec_it_handbook_da",
   "framework_refs": [
    {
     "domain": "finance",
     "control": "MR-02",
     "name": "Model Risk Governance Policy Framework",
     "requirement_id": "IT Handbook — Development, Acquisition, and Maintenance",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "finance",
     "control": "MR-02",
     "name": "Model Risk Governance Policy Framework",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {
    "finance": 1
   },
   "title": "FFIEC IT Examination Handbook — Development, Acquisition, and Maintenance",
   "total": 2
  },
  {
   "source_id": "cfpb_adverse_action_2022",
   "framework_refs": [
    {
     "domain": "finance",
     "control": "FD-02",
     "name": "ECOA/Reg B Adverse Action Notice for AI Decisions",
     "requirement_id": "Circular 2022-03 — adverse action for credit decisions based on complex algorithms",
     "fit": "direct"
    }
   ],
   "source_refs": [
    {
     "domain": "finance",
     "control": "FD-02",
     "name": "ECOA/Reg B Adverse Action Notice for AI Decisions",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {
    "finance": 1
   },
   "title": "Consumer Financial Protection Circular 2022-03 — Adverse action notification requirements in connection with credit decisions based on complex algorithms",
   "total": 2
  },
  {
   "source_id": "finra_rn_24_09",
   "framework_refs": [
    {
     "domain": "finance",
     "control": "FC-01",
     "name": "SOX 302/404 Controls over AI-Generated Financial Data",
     "requirement_id": "Regulatory Notice 24-09 (GenAI and LLMs)",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "finance",
     "control": "FC-01",
     "name": "SOX 302/404 Controls over AI-Generated Financial Data",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {
    "finance": 1
   },
   "title": "FINRA Regulatory Notice 24-09 — Generative AI and Large Language Models",
   "total": 2
  },
  {
   "source_id": "sec_predictive_analytics_2023",
   "framework_refs": [
    {
     "domain": "finance",
     "control": "FC-02",
     "name": "AI-Generated Output Materiality Assessment",
     "requirement_id": "Proposed rule, Release 34-97990 (withdrawn 2025-06-12)",
     "fit": "adjacent"
    }
   ],
   "source_refs": [
    {
     "domain": "finance",
     "control": "FC-02",
     "name": "AI-Generated Output Materiality Assessment",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {
    "finance": 1
   },
   "title": "SEC — Conflicts of Interest Associated with the Use of Predictive Data Analytics by Broker-Dealers and Investment Advisers",
   "total": 2
  },
  {
   "source_id": "openlineage",
   "framework_refs": [
    {
     "domain": "knowledge",
     "control": "KI-02",
     "name": "Knowledge Poisoning Detection and Prevention",
     "requirement_id": "Run events (OpenLineage OpenAPI spec)",
     "fit": "direct"
    },
    {
     "domain": "data",
     "control": "DL-01",
     "name": "End-to-End Data Lineage Tracking",
     "requirement_id": "RunEvent object (OpenLineage.json JSON Schema)",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "knowledge": 1,
    "data": 1
   },
   "title": "OpenLineage data-lineage specification",
   "total": 2
  },
  {
   "source_id": "openlineage_spec_1_0",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "knowledge",
     "control": "KI-02",
     "name": "Knowledge Poisoning Detection and Prevention",
     "relationship": "informative_reference"
    },
    {
     "domain": "data",
     "control": "DL-01",
     "name": "End-to-End Data Lineage Tracking",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "OpenLineage — Open Standard for Data Lineage",
   "total": 2
  },
  {
   "source_id": "openai_system_cards_2024",
   "framework_refs": [
    {
     "domain": "knowledge",
     "control": "KC-05",
     "name": "Knowledge Cutoff Date Disclosure to Users",
     "requirement_id": "System Card — Knowledge Limitations",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "knowledge",
     "control": "KC-05",
     "name": "Knowledge Cutoff Date Disclosure to Users",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {
    "knowledge": 1
   },
   "title": "OpenAI System Cards & Transparency",
   "total": 2
  },
  {
   "source_id": "iso_5259_1_2024",
   "framework_refs": [
    {
     "domain": "data",
     "control": "DX-01",
     "name": "Data Sensitivity Classification Framework for AI",
     "requirement_id": "ISO/IEC 5259-1 §5 (Data quality concepts)",
     "fit": "partial"
    }
   ],
   "source_refs": [
    {
     "domain": "data",
     "control": "DX-01",
     "name": "Data Sensitivity Classification Framework for AI",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {
    "data": 1
   },
   "title": "ISO/IEC 5259-1:2024 — Data Quality for Analytics and ML — Part 1",
   "total": 2
  },
  {
   "source_id": "eu_data_act_2023_2854",
   "framework_refs": [
    {
     "domain": "data",
     "control": "DI-01",
     "name": "Data Integrity Baseline and Checksum Monitoring",
     "requirement_id": "Art. 3 (access by design)",
     "fit": "adjacent"
    }
   ],
   "source_refs": [
    {
     "domain": "data",
     "control": "DI-01",
     "name": "Data Integrity Baseline and Checksum Monitoring",
     "relationship": "normative_requirement"
    }
   ],
   "by_domain": {
    "data": 1
   },
   "title": "EU Data Act — Regulation (EU) 2023/2854",
   "total": 2
  },
  {
   "source_id": "ms_entra_agent_id",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "IA-01",
     "name": "Give every agent its own distinct identity, never a shared or human login",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "Microsoft Entra Agent ID",
   "total": 1
  },
  {
   "source_id": "oauth21",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "IA-02",
     "name": "Hand out short-lived, task-scoped keys (no long-lived secrets)",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "OAuth 2.1",
   "total": 1
  },
  {
   "source_id": "okta_cross_app_access",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "IA-03",
     "name": "Act on the user's behalf with explicit approval for sensitive steps",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "Okta Cross App Access (XAA)",
   "total": 1
  },
  {
   "source_id": "ngac",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "IA-04",
     "name": "Check permission continuously at run time, not just once at login",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "INCITS 565: Next Generation Access Control (NGAC)",
   "total": 1
  },
  {
   "source_id": "google_secure_agents",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "IA-04",
     "name": "Check permission continuously at run time, not just once at login",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "Google: An Introduction to Secure AI Agents",
   "total": 1
  },
  {
   "source_id": "gvisor",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "EC-01",
     "name": "Run the agent in a sandbox, from process isolation up to micro-VMs",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "gVisor Container Sandbox",
   "total": 1
  },
  {
   "source_id": "firecracker",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "EC-01",
     "name": "Run the agent in a sandbox, from process isolation up to micro-VMs",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "AWS Firecracker MicroVM",
   "total": 1
  },
  {
   "source_id": "ms_mxc",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "EC-01",
     "name": "Run the agent in a sandbox, from process isolation up to micro-VMs",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "Microsoft Execution Containers (MXC)",
   "total": 1
  },
  {
   "source_id": "aws_egress_domains",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "EC-02",
     "name": "Filter the agent's outbound network traffic",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "AWS Egress Domain Controls for AI Agents",
   "total": 1
  },
  {
   "source_id": "claude_sandbox_bypass",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "EC-02",
     "name": "Filter the agent's outbound network traffic",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "Claude Code Sandbox Bypass Research",
   "total": 1
  },
  {
   "source_id": "agent_security_bench",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "EC-03",
     "name": "Keep memory short-lived, and validate anything written to it",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "Agent Security Bench (ASB)",
   "total": 1
  },
  {
   "source_id": "gitguardian_mcp_secrets",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "EC-08",
     "name": "Keep secrets out of the prompt and context",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "GitGuardian: Secrets in MCP",
   "total": 1
  },
  {
   "source_id": "beyondidentity_ceros",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "PT-01",
     "name": "Authenticate and sign agent-to-agent communication",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "Ceros: Agentic AI Trust Layer",
   "total": 1
  },
  {
   "source_id": "mcp_authorization",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "PT-02",
     "name": "Authorize tool calls and govern the MCP server registry",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "MCP Authorization Specification",
   "total": 1
  },
  {
   "source_id": "pisanitizer",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "PT-06",
     "name": "Sanitize model-generated tool parameters, not just the schema",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "PISanitizer",
   "total": 1
  },
  {
   "source_id": "iso_ai_series",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "GV-05",
     "name": "Run an AI management system and tier agents by their autonomy",
     "relationship": "normative_requirement"
    }
   ],
   "by_domain": {},
   "title": "ISO/IEC JTC 1/SC 42 AI Standards Series",
   "total": 1
  },
  {
   "source_id": "nist_cosais",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "GV-05",
     "name": "Run an AI management system and tier agents by their autonomy",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {},
   "title": "NIST COSAiS",
   "total": 1
  },
  {
   "source_id": "nist_caisi",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "GV-05",
     "name": "Run an AI management system and tier agents by their autonomy",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {},
   "title": "NIST CAISI",
   "total": 1
  },
  {
   "source_id": "garak",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "RT-02",
     "name": "Detect direct and indirect prompt injection at every input and output",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "Garak LLM Vulnerability Scanner",
   "total": 1
  },
  {
   "source_id": "mitre_attack",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "RT-06",
     "name": "Map AI-native threats, extend ATT&CK/ATLAS to agentic orchestration",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "MITRE ATT&CK",
   "total": 1
  },
  {
   "source_id": "owasp_finbot_ctf",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "AS-01",
     "name": "Adversarially red-team and evaluate the agent before launch",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "OWASP FinBot CTF",
   "total": 1
  },
  {
   "source_id": "agentdojo",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "AS-01",
     "name": "Adversarially red-team and evaluate the agent before launch",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "AgentDojo",
   "total": 1
  },
  {
   "source_id": "promptfoo",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "AS-01",
     "name": "Adversarially red-team and evaluate the agent before launch",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "Promptfoo",
   "total": 1
  },
  {
   "source_id": "openai_bug_bounty",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "AS-04",
     "name": "Run a bug-bounty / vulnerability reward program for agentic abuse",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "OpenAI Bug Bounty Program",
   "total": 1
  },
  {
   "source_id": "deepmind_agi_safety",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "AS-05",
     "name": "Study frontier offensive capability before public release",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "DeepMind AGI Safety Technical Approach",
   "total": 1
  },
  {
   "source_id": "openssf_model_signing",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "AS-06",
     "name": "Verify model-weights and training-data provenance before load",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "OpenSSF Model Signing v1.0",
   "total": 1
  },
  {
   "source_id": "biv_skills",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "AS-07",
     "name": "Verify a skill does what it declares (behavioral integrity)",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "BIV: Behavioral Integrity Verification for AI Agent Skills",
   "total": 1
  },
  {
   "source_id": "cisa_kev",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "security",
     "control": "EC-12",
     "name": "AI Serving-Stack Vulnerability Management",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {},
   "title": "CISA Known Exploited Vulnerabilities (KEV) Catalog",
   "total": 1
  },
  {
   "source_id": "mitchell_2019",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "model",
     "control": "LI-04",
     "name": "Structured Model Documentation — Complete Model Card with All Required Sections",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "Model Cards for Model Reporting",
   "total": 1
  },
  {
   "source_id": "gdm_fsf_v3_1",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "model",
     "control": "EV-03",
     "name": "Dangerous Capability Threshold Assessment",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "Frontier Safety Framework v3.1",
   "total": 1
  },
  {
   "source_id": "c2pa_spec_v2",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "model",
     "control": "BH-09",
     "name": "Synthetic-Content Provenance, Disclosure and Traceability",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "C2PA Technical Specification 2.2",
   "total": 1
  },
  {
   "source_id": "nist_ai_100_4",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "model",
     "control": "BH-09",
     "name": "Synthetic-Content Provenance, Disclosure and Traceability",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "NIST AI 100-4",
   "total": 1
  },
  {
   "source_id": "sigstore_rekor",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "model",
     "control": "CR-02",
     "name": "Model Evidence Archive and Audit Trail",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "Sigstore Rekor — Immutable Transparency Log",
   "total": 1
  },
  {
   "source_id": "apeiris_thesis",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "model",
     "control": "CR-08",
     "name": "Cross-Domain Assurance Coordination",
     "relationship": ""
    }
   ],
   "by_domain": {},
   "title": "apeiris_thesis",
   "total": 1
  },
  {
   "source_id": "cnil_ai",
   "framework_refs": [
    {
     "domain": "privacy",
     "control": "PC-01",
     "name": "Regulatory Obligation Mapping",
     "requirement_id": "How-to sheet 2 — Defining a purpose",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "privacy": 1
   },
   "title": "CNIL recommendations on AI and data protection",
   "total": 1
  },
  {
   "source_id": "cnil_ai_guidance_2023",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "privacy",
     "control": "PC-01",
     "name": "Regulatory Obligation Mapping",
     "relationship": "supporting_guidance"
    }
   ],
   "by_domain": {},
   "title": "CNIL AI Recommendations — Use of Artificial Intelligence and Protection of Personal Data",
   "total": 1
  },
  {
   "source_id": "csa_ai_caiq_v1",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "compliance",
     "control": "CA-01",
     "name": "Regulatory Scope Determination",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "CSA AI Controls Matrix (AICM) and AI Consensus Assessments Initiative Questionnaire (AI CAIQ)",
   "total": 1
  },
  {
   "source_id": "fedramp_20x",
   "framework_refs": [
    {
     "domain": "compliance",
     "control": "CI-02",
     "name": "Continuous Compliance Monitoring",
     "requirement_id": "KSI-MLA",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "compliance": 1
   },
   "title": "FedRAMP 20x",
   "total": 1
  },
  {
   "source_id": "spiffe_x509_svid",
   "framework_refs": [
    {
     "domain": "identity",
     "control": "NI-01",
     "name": "Identity Provisioning Gate",
     "requirement_id": "SVID §2",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "identity": 1
   },
   "title": "spiffe_x509_svid",
   "total": 1
  },
  {
   "source_id": "oauth_security_bcp",
   "framework_refs": [
    {
     "domain": "identity",
     "control": "DE-01",
     "name": "Delegation Chain Documentation",
     "requirement_id": "RFC 9700 §2.1, §2.1.2",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "identity": 1
   },
   "title": "oauth_security_bcp",
   "total": 1
  },
  {
   "source_id": "rfc_9700_oauth_bcp",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "identity",
     "control": "DE-01",
     "name": "Delegation Chain Documentation",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "OAuth 2.0 Security Best Current Practice (RFC 9700)",
   "total": 1
  },
  {
   "source_id": "openid_federation",
   "framework_refs": [
    {
     "domain": "identity",
     "control": "IF-01",
     "name": "Identity Federation Trust Framework",
     "requirement_id": "§9 (Entity Configuration)",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "identity": 1
   },
   "title": "openid_federation",
   "total": 1
  },
  {
   "source_id": "oidc_federation_1_0",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "identity",
     "control": "IF-01",
     "name": "Identity Federation Trust Framework",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "OpenID Federation 1.0",
   "total": 1
  },
  {
   "source_id": "fapi_2_0",
   "framework_refs": [
    {
     "domain": "identity",
     "control": "IF-02",
     "name": "OIDC/OAuth Federation Configuration",
     "requirement_id": "§5.3.2 (Requirements for authorization servers)",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "identity": 1
   },
   "title": "FAPI 2.0 Security Profile",
   "total": 1
  },
  {
   "source_id": "fapi_2_0_security_profile",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "identity",
     "control": "IF-02",
     "name": "OIDC/OAuth Federation Configuration",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "FAPI 2.0 Security Profile",
   "total": 1
  },
  {
   "source_id": "ietf_rfc_6749_oauth2",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "identity",
     "control": "IC-04",
     "name": "Privileged Identity Management for AI",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "OAuth 2.0 Authorization Framework (RFC 6749)",
   "total": 1
  },
  {
   "source_id": "ietf_rfc_9449_dpop",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "identity",
     "control": "IC-04",
     "name": "Privileged Identity Management for AI",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "RFC 9449 — OAuth 2.0 Demonstrating Proof of Possession (DPoP)",
   "total": 1
  },
  {
   "source_id": "openid_connect_core_1_0",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "identity",
     "control": "IC-06",
     "name": "Third-Party Identity Provider Audit",
     "relationship": "implementation_pattern"
    }
   ],
   "by_domain": {},
   "title": "OpenID Connect Core 1.0",
   "total": 1
  },
  {
   "source_id": "co_ai_act",
   "framework_refs": [
    {
     "domain": "ethics",
     "control": "EF-01",
     "name": "Ethics Principles Adoption and Operationalization",
     "requirement_id": "§6-1-1701 et seq. (Automated decision-making technology — consumer disclosure and appeal duties)",
     "fit": "partial"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "ethics": 1
   },
   "title": "Colorado AI Act SB 26-189",
   "total": 1
  },
  {
   "source_id": "colorado_sb26_189",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "ethics",
     "control": "EF-01",
     "name": "Ethics Principles Adoption and Operationalization",
     "relationship": "normative_requirement"
    }
   ],
   "by_domain": {},
   "title": "Colorado SB 26-189 — Automated Decision-Making Technology",
   "total": 1
  },
  {
   "source_id": "nyc_ll144",
   "framework_refs": [
    {
     "domain": "ethics",
     "control": "FA-03",
     "name": "Fairness Metric Selection and Justification",
     "requirement_id": "§20-871 (Bias audit requirements)",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "ethics": 1
   },
   "title": "NYC Local Law 144",
   "total": 1
  },
  {
   "source_id": "nyc_ll144_2021",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "ethics",
     "control": "FA-03",
     "name": "Fairness Metric Selection and Justification",
     "relationship": "normative_requirement"
    }
   ],
   "by_domain": {},
   "title": "NYC Local Law 144 — Automated Employment Decision Tools",
   "total": 1
  },
  {
   "source_id": "enisa_ai",
   "framework_refs": [
    {
     "domain": "resilience",
     "control": "RV-01",
     "name": "AI System RTO/RPO Definition and Validation",
     "requirement_id": "Cybersecurity of AI and Standardisation (2023) — document-level",
     "fit": "adjacent"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "resilience": 1
   },
   "title": "ENISA guidance on securing AI",
   "total": 1
  },
  {
   "source_id": "enisa_ai_cybersec_2023",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "resilience",
     "control": "RV-01",
     "name": "AI System RTO/RPO Definition and Validation",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "ENISA — Cybersecurity of AI and Standardisation",
   "total": 1
  },
  {
   "source_id": "opa_rego",
   "framework_refs": [
    {
     "domain": "authority",
     "control": "PO-01",
     "name": "Internal Policy Register for AI Deployments",
     "requirement_id": "OPA Policy Language documentation (Rego)",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "authority": 1
   },
   "title": "Open Policy Agent (OPA) / Rego policy language",
   "total": 1
  },
  {
   "source_id": "src-po01-3",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PO-01",
     "name": "Internal Policy Register for AI Deployments",
     "relationship": ""
    }
   ],
   "by_domain": {},
   "title": "src-po01-3",
   "total": 1
  },
  {
   "source_id": "opa_rego_docs_2024",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PO-01",
     "name": "Internal Policy Register for AI Deployments",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "Open Policy Agent — Policy Language and Documentation",
   "total": 1
  },
  {
   "source_id": "src-po03-3",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PO-03",
     "name": "Contractual Obligation Extraction",
     "relationship": ""
    }
   ],
   "by_domain": {},
   "title": "src-po03-3",
   "total": 1
  },
  {
   "source_id": "src-po06-4",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PO-06",
     "name": "Communication and Commitment Policy",
     "relationship": ""
    }
   ],
   "by_domain": {},
   "title": "src-po06-4",
   "total": 1
  },
  {
   "source_id": "itil4_service_level_mgmt",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PR-05",
     "name": "SLA Commitment Governance",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "ITIL 4 — Service Level Management",
   "total": 1
  },
  {
   "source_id": "internal-policy-ai-governance-003",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PG-01",
     "name": "Policy Adherence Monitoring",
     "relationship": ""
    }
   ],
   "by_domain": {},
   "title": "internal-policy-ai-governance-003",
   "total": 1
  },
  {
   "source_id": "internal-policy-authority-limits-001",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PG-02",
     "name": "Authority Limit Monitoring",
     "relationship": ""
    }
   ],
   "by_domain": {},
   "title": "internal-policy-authority-limits-001",
   "total": 1
  },
  {
   "source_id": "internal-policy-contract-monitoring-002",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PG-03",
     "name": "Contract Obligation Compliance Monitoring",
     "relationship": ""
    }
   ],
   "by_domain": {},
   "title": "internal-policy-contract-monitoring-002",
   "total": 1
  },
  {
   "source_id": "internal-policy-incident-response-005",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PG-04",
     "name": "Policy Incident Classification and Response",
     "relationship": ""
    }
   ],
   "by_domain": {},
   "title": "internal-policy-incident-response-005",
   "total": 1
  },
  {
   "source_id": "internal-policy-knowledge-currency-004",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PG-05",
     "name": "Knowledge Source Staleness Detection",
     "relationship": ""
    }
   ],
   "by_domain": {},
   "title": "internal-policy-knowledge-currency-004",
   "total": 1
  },
  {
   "source_id": "internal-policy-intent-governance-006",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PG-06",
     "name": "Operating Intent Drift Detection",
     "relationship": ""
    }
   ],
   "by_domain": {},
   "title": "internal-policy-intent-governance-006",
   "total": 1
  },
  {
   "source_id": "internal-policy-governance-reporting-007",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PG-07",
     "name": "Policy Governance Reporting",
     "relationship": ""
    }
   ],
   "by_domain": {},
   "title": "internal-policy-governance-reporting-007",
   "total": 1
  },
  {
   "source_id": "internal-policy-lessons-learned-008",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PG-08",
     "name": "Lessons Learned and Policy Improvement",
     "relationship": ""
    }
   ],
   "by_domain": {},
   "title": "internal-policy-lessons-learned-008",
   "total": 1
  },
  {
   "source_id": "src-pe01-03",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PE-01",
     "name": "Policy Evidence Archive",
     "relationship": ""
    }
   ],
   "by_domain": {},
   "title": "src-pe01-03",
   "total": 1
  },
  {
   "source_id": "src-pe02-04",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PE-02",
     "name": "Regulatory Disclosure Readiness",
     "relationship": ""
    }
   ],
   "by_domain": {},
   "title": "src-pe02-04",
   "total": 1
  },
  {
   "source_id": "src-pe03-04",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PE-03",
     "name": "Internal Audit Support Package",
     "relationship": ""
    }
   ],
   "by_domain": {},
   "title": "src-pe03-04",
   "total": 1
  },
  {
   "source_id": "src-pe04-03",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PE-04",
     "name": "Cross-Domain Policy Evidence Integration",
     "relationship": ""
    }
   ],
   "by_domain": {},
   "title": "src-pe04-03",
   "total": 1
  },
  {
   "source_id": "src-pe05-03",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PE-05",
     "name": "Contract Audit Trail",
     "relationship": ""
    }
   ],
   "by_domain": {},
   "title": "src-pe05-03",
   "total": 1
  },
  {
   "source_id": "src-pe05-04",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PE-05",
     "name": "Contract Audit Trail",
     "relationship": ""
    }
   ],
   "by_domain": {},
   "title": "src-pe05-04",
   "total": 1
  },
  {
   "source_id": "src-pe06-04",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PE-06",
     "name": "Board and Senior Management Policy Reporting",
     "relationship": ""
    }
   ],
   "by_domain": {},
   "title": "src-pe06-04",
   "total": 1
  },
  {
   "source_id": "src-pe07-04",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PE-07",
     "name": "Policy Governance Program Assessment",
     "relationship": ""
    }
   ],
   "by_domain": {},
   "title": "src-pe07-04",
   "total": 1
  },
  {
   "source_id": "src-pe08-04",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "authority",
     "control": "PE-08",
     "name": "Policy Attestation",
     "relationship": ""
    }
   ],
   "by_domain": {},
   "title": "src-pe08-04",
   "total": 1
  },
  {
   "source_id": "c2pa_spec",
   "framework_refs": [
    {
     "domain": "knowledge",
     "control": "KS-01",
     "name": "Knowledge Source Authorization Register",
     "requirement_id": "Content Credentials (C2PA manifests)",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "knowledge": 1
   },
   "title": "c2pa_spec",
   "total": 1
  },
  {
   "source_id": "c2pa_spec_2_1",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "knowledge",
     "control": "KS-01",
     "name": "Knowledge Source Authorization Register",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "C2PA — Coalition for Content Provenance and Authenticity Technical Specification 2.1",
   "total": 1
  },
  {
   "source_id": "bitol_odcs",
   "framework_refs": [
    {
     "domain": "data",
     "control": "DM-01",
     "name": "AI Data Asset Inventory and Cataloging",
     "requirement_id": "Schema and Terms sections",
     "fit": "direct"
    }
   ],
   "source_refs": [],
   "by_domain": {
    "data": 1
   },
   "title": "bitol_odcs",
   "total": 1
  },
  {
   "source_id": "data_contract_spec_1_0",
   "framework_refs": [],
   "source_refs": [
    {
     "domain": "data",
     "control": "DM-01",
     "name": "AI Data Asset Inventory and Cataloging",
     "relationship": "informative_reference"
    }
   ],
   "by_domain": {},
   "title": "Open Data Contract Standard (Bitol ODCS)",
   "total": 1
  }
 ]
}
