Control Framework

INT: Intervention

The Intervention domain provides mechanisms for human oversight and automated containment. Four controls ensure humans can observe, approve, and halt agent operations.

INT-01 Pause Capability

Requirement: Operators shall have the ability to immediately pause agent operations without data loss.

Rationale: Enables rapid response to detected incidents.

Evidence: Pause mechanism documentation and test results.

Profile: Standard

INT-02 Approval Workflows

Requirement: Actions meeting defined risk criteria shall require human approval before execution.

Rationale: Ensures human judgment for high-consequence actions.

Evidence: Workflow configuration and approval logs.

Profile: Elevated

INT-03 Automated Containment

Requirement: Systems shall automatically restrict agent capabilities upon detection of policy violations.

Rationale: Limits damage while human responders are engaged.

Evidence: Containment rules and enforcement logs.

Profile: Elevated

INT-04 Escalation Procedures

Requirement: Documented procedures shall define escalation paths for agent-related security incidents.

Rationale: Ensures appropriate response to incidents.

Evidence: Escalation procedures and contact lists.

Profile: Critical

Previous
OBS: Observability
Next
RES: Resilience