Introduction
Scope and Applicability
Continuum/AI applies to systems where AI agents interpret instructions and autonomously determine actions to achieve objectives. The standard complements existing security frameworks rather than replacing them.
In scope
Continuum/AI applies to systems where AI agents interpret natural language or structured instructions to determine actions; agents invoke tools, APIs, or services to accomplish objectives; agents operate with delegated user permissions or service credentials; and agent actions can affect confidential data, system configuration, or external communications.
The standard addresses the operational security of agentic systems. It focuses on runtime behavior rather than development practices or model characteristics.
Out of scope
The following are explicitly excluded from Continuum/AI scope.
AI model training and fine-tuning processes fall under ISO 42001 and related standards. Static AI inference endpoints without tool invocation capability do not create agentic risk. Robotic Process Automation with fully deterministic workflows operates predictably without the interpretive risk of language models. Conversational AI without action-taking capabilities cannot affect systems beyond conversation.
Relationship to other standards
Continuum/AI is designed to complement, not replace, existing security frameworks. Organizations should maintain their current compliance posture and apply Continuum/AI as an additional layer addressing agentic-specific risks.
| Framework | Relationship |
|---|---|
| ISO 27001 | Complements information security management with agentic controls |
| ISO 42001 | Extends AI management to operational security |
| SOC 2 | Provides agent-specific evidence for trust criteria |
| NIST CSF | Maps to all functions with agentic specificity |
Organizations with existing certifications can inherit applicable controls when evidence demonstrates equivalence to Continuum/AI requirements.