Control Framework
Framework Architecture
The Continuum/AI control framework organizes 48 controls across 10 domains. Each control defines observable criteria that can be verified through evidence collection.
Design principles
Five principles guide the framework architecture.
Specificity requires that controls address risks unique to agentic systems rather than restating general security requirements. The framework does not duplicate controls available in ISO 27001 or SOC 2.
Auditability requires that each control defines observable criteria. An assessor can verify compliance through evidence collection without relying on subjective judgment.
Composability enables controls to be selected and combined based on deployment scope and risk profile. The certification model defines which controls apply at each profile level.
Operational focus directs attention to runtime behavior rather than development practices or model characteristics.
Defense in depth ensures multiple controls address each threat category. A single control failure does not expose the organization to unmitigated risk.
Domain structure
| Code | Domain | Controls | Purpose |
|---|---|---|---|
| GOV | Governance | 5 | Policy, ownership, oversight |
| IDN | Identity | 4 | Agent and server authentication |
| AZN | Authorization | 5 | Permission management |
| DAT | Data Protection | 6 | Classification and leak prevention |
| VAL | Input Validation | 5 | Injection prevention |
| EXE | Execution Security | 5 | Isolation and containment |
| OBS | Observability | 6 | Logging and detection |
| INT | Intervention | 4 | Human oversight mechanisms |
| RES | Resilience | 4 | Incident response and recovery |
| SUP | Supply Chain | 4 | Dependency management |
Control specification format
Each control specifies six attributes: identifier (domain code and sequence number), title (concise description), requirement (normative statement), rationale (threat addressed), evidence (artifacts that demonstrate compliance), and profile (minimum certification level at which the control applies).
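The six-attribute format lends itself to a mechanical check of a control catalogue before assessment. The following is an added example, not part of the framework or its documentation: it validates constructed control records against the attribute list and the domain table above; the <DOMAIN>-<NN> identifier shape and the "baseline" profile name are assumptions.

```python
# Added example, not the framework's own tooling: check a control catalogue against the
# six-attribute format and the domain table. The <DOMAIN>-<NN> identifier shape is assumed.
import re
DOMAIN_CONTROL_COUNTS = {"GOV": 5, "IDN": 4, "AZN": 5, "DAT": 6, "VAL": 5,  # per-domain
                         "EXE": 5, "OBS": 6, "INT": 4, "RES": 4, "SUP": 4}  # counts (48)
REQUIRED_ATTRIBUTES = frozenset(
    {"identifier", "title", "requirement", "rationale", "evidence", "profile"})
IDENTIFIER_RE = re.compile(r"^([A-Z]{3})-(\d{2})$")  # assumed shape, e.g. GOV-01

def validate_control(control: dict) -> list[str]:
    """Return findings for one control record; an empty list means well-formed."""
    findings = []
    if missing := REQUIRED_ATTRIBUTES - set(control):
        findings.append(f"missing attributes: {sorted(missing)}")
    ident = control.get("identifier", "")
    match = IDENTIFIER_RE.match(ident)
    if not match:
        findings.append(f"identifier {ident!r} does not match <DOMAIN>-<NN>")
    elif (limit := DOMAIN_CONTROL_COUNTS.get(match[1])) is None:
        findings.append(f"unknown domain code {match[1]!r}")
    elif not 1 <= int(match[2]) <= limit:
        findings.append(f"sequence {int(match[2])} outside 1-{limit} for {match[1]}")
    # Auditability: a control with no evidence artifacts cannot be verified.
    if "evidence" in control and not control["evidence"]:
        findings.append("evidence list is empty; control is not auditable")
    return findings

def validate_catalogue(controls: list[dict]) -> dict[str, list[str]]:
    """Validate every record and flag duplicate identifiers; keyed by identifier."""
    report, seen = {}, set()
    for control in controls:
        ident = control.get("identifier", "<no identifier>")
        findings = validate_control(control)
        if ident in seen:
            findings.append("duplicate identifier")
        seen.add(ident)
        if findings:
            report[ident] = findings
    return report

SAMPLE_CONTROLS = [  # constructed: one well-formed record and two defective ones
    {"identifier": "IDN-01", "title": "Agent authentication", "profile": "baseline",
     "requirement": "Agents SHALL present a unique credential.",
     "rationale": "Agent impersonation", "evidence": ["credential inventory"]},
    {"identifier": "DAT-07", "title": "Bad sequence", "profile": "baseline",  # DAT has 6
     "requirement": "...", "rationale": "...", "evidence": ["x"]},
    {"identifier": "OBS-02", "title": "No evidence", "profile": "baseline",
     "requirement": "...", "evidence": []},  # rationale missing, evidence empty
]  # "baseline" is a placeholder profile name; levels are defined elsewhere
```

Running `validate_catalogue(SAMPLE_CONTROLS)` reports only the two defective records, so a clean catalogue yields an empty report.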