These domains define the operational control plane for AI systems that retrieve,
reason, remember, delegate and execute.
01Input & Interface ControlAll external and internal signals entering the AI system.
02Context & RAG ControlWhat becomes trusted context through retrieval and knowledge pipelines.
03Reasoning ControlHow reasoning is constrained, evaluated and governed.
04Decision Layer ControlWhere model suggestions become permitted or denied decisions.
05Execution ControlWhat actions can execute and under which constraints.
06Memory ControlWhat persists, what influences future behavior and what must expire.
07Output ControlWhat reaches the user after sensitivity and policy evaluation.
08Agent & Tooling ControlTool use, agent delegation and workflow boundaries.
09Infrastructure, Runtime & Supply ChainWhere the AI system runs and what dependencies it trusts.
10Monitoring, Observability & TestingVisibility, evidence, testing and continuous validation.
11Resilience & Failure ControlContainment, recovery, rollback and blast-radius reduction.
12Governance, Compliance & User SafetyAccountability, compliance, user protection and executive control.
The AI Security Assessment Blueprint is a control architecture for systems that think, act and remember.
Observable. Controlled. Contained.