The GovCompass-7 control framework
The seven pillars every AI governance programme must control, and the controls that hold each one in place.
The GovCompass-7 organises responsible AI into seven pillars that every AI governance programme must control: fairness, safety and reliability, privacy, security and robustness, transparency and explainability, accountability, and human oversight. Each pillar is governed through a layered set of preventive, detective, and corrective controls, mapped to the EU AI Act, the NIST AI RMF, and ISO/IEC 42001.
The seven pillars
Fairness
The system does not produce systematically worse outcomes on the basis of characteristics that should not influence the decision.
Safety & reliability
The system performs as intended within its operating conditions and fails in predictable, contained ways outside them.
Privacy
Personal data is processed lawfully and proportionately, across the training data, the model itself, and the outputs.
Security & robustness
The system resists deliberate attempts to manipulate, degrade, extract from, or subvert it.
Transparency & explainability
The right parties can understand that AI is in use, how it reaches its outputs, and why it produced a particular result.
Accountability
For every system and every decision there is an identifiable party who is answerable, with the authority and information to act.
Human oversight
A competent person with the authority and information to intervene stays meaningfully in control of the system.
Responsible AI has a marketing problem. It usually appears as an aspiration rather than a specification, and an AI Officer cannot implement an aspiration. They can implement a control, test whether it works, and produce the evidence that it worked when a supervisory authority asks. The GovCompass-7 reframes responsible AI as a control problem: it names seven pillars that together define what it means for an AI system to be responsibly governed, and for each one it specifies the controls that hold it in place.
From principle to pillar
The seven responsible AI principles (fairness, safety and reliability, privacy, security and robustness, transparency and explainability, accountability, and human oversight) are widely recognised. The OECD, the NIST AI Risk Management Framework, and ISO/IEC 42001 all name versions of them. What they do not provide is a way to operate them.
GovCompass translates each principle into a governable pillar. A principle tells you what good looks like: that a system should be fair, or private, or under human control. A pillar tells you how to hold that in place and prove it: the preventive, detective, and corrective controls that operationalise the principle, and the evidence that they operate. The move from principle to pillar is the move from an aspiration a supervisory authority cannot check to a control a supervisory authority can audit. That move is what the GovCompass-7 is for.
Three layers of control
Each pillar is governed through three control layers that any auditor will recognise:
- Preventive controls stop a failure from occurring.
- Detective controls surface a failure once it has occurred.
- Corrective controls contain and remediate it, and feed the lesson back into prevention.
No single layer is sufficient. Preventive controls reduce the probability of harm but never eliminate it. Detective controls catch what prevention misses, but only matter if something acts on the signal. Corrective controls close the loop. A pillar governed only by preventive controls looks compliant on paper and fails silently in production. A responsible AI programme is one that can demonstrate, with evidence, that all three layers operate for each pillar across its AI inventory. These three layers are what turn a principle into a pillar: without them, fairness is a value statement; with them, it is a governed property with evidence.
Read it as a system
The pillars are distinct but not independent. Security and robustness underpins the others, because a model that can be manipulated cannot be relied upon to be fair, safe, or transparent. Explainability enables oversight, because an overseer cannot review what they cannot understand. Accountability binds everything, because every control needs an owner. In a working programme the seven share one infrastructure: one AI inventory, one risk register, one incident process, one set of oversight logs.
The eighth element: Agentic AI
The seven pillars assume a system that produces an output a human then acts on. When a system does not just decide but acts (calling tools, executing transactions, invoking other agents), an eighth, integrating element comes into play. Agentic AI sits at the centre of the framework rather than on the ring, because it is not a peer pillar: it is the element that binds the seven under the conditions that autonomy creates. An agent that takes actions must satisfy all seven pillars continuously, across multi-step chains, without a human checkpoint between each step. Agentic AI is where the seven are stressed together, and where they either hold or fail together.
Read the eighth element: Agentic AI: governing actions, not just decisions.
Governance maturity
A useful way to read your own programme is to ask, for each pillar, which control layers actually operate. That is a more honest picture than a binary compliant-or-not judgement:
- Preventive only. A policy, a pre-deployment assessment, a sign-off, and nothing after. The most common state, and the one that looks compliant in a procurement review and fails silently in production.
- Preventive and detective. The pillar is monitored, drift is surfaced, complaints are routed. You now know when something has gone wrong, but knowing is not the same as acting.
- All three layers, connected. Prevention reduces the failure rate, detection surfaces what remains, and correction contains each failure and feeds the lesson back into prevention. The loop closes. This is what the Art. 9 risk-management requirement demands.
- A cross-pillar view. You can see the maturity of all seven pillars at once, allocate attention to the weakest, and run the GovCompass-7 as a living management system rather than a compliance artefact. This is the state ISO/IEC 42001 is built to support. An agentic estate demands the same cross-pillar maturity applied to autonomous action, read across a fleet of agents rather than a fleet of models.
Using the framework
Take the AI inventory and, for each high-risk system, assess each pillar against the three layers: is the control designed, implemented, and evidenced? The gaps in that grid are the governance backlog, prioritised by the risk of the system and the severity of the missing control. For agentic systems, apply the grid per stack rather than per agent: an orchestrator and its sub-agents are assessed as one high-risk system (see Why your agentic stack is one high-risk system). Mapped one way, the grid is a responsible AI framework. Mapped another, it is an EU AI Act conformity file, a NIST AI RMF profile, and the core of an ISO/IEC 42001 management system.
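The grid assessment described in the maturity states above and in this section can be made mechanical. The following Python is an added illustration, not GovCompass's own tooling: it records, per system, the stage each (pillar, layer) control has reached, classifies each pillar into the maturity states the page names, merges an orchestrator and its sub-agents into one assessed unit, and derives a backlog prioritised by system risk and the severity of the missing control. The 1 to 5 risk scale, the gap-severity weights, the "partial" and "ungoverned" labels for combinations the page does not name, the weakest-step rule for merging a stack, and the sample inventory are all assumptions constructed for the example.

```python
"""Pillar-by-layer maturity grid for an AI inventory (illustrative; not GovCompass tooling)."""
from dataclasses import dataclass
from typing import Optional

PILLARS = ("fairness", "safety & reliability", "privacy", "security & robustness",
           "transparency & explainability", "accountability", "human oversight")
LAYERS = ("preventive", "detective", "corrective")
# Assessment stages in order of progress; None means no control exists for that cell.
STAGES = ("designed", "implemented", "evidenced")
# Constructed weights: how serious a gap is, given how far the control has progressed.
GAP_SEVERITY = {None: 3, "designed": 2, "implemented": 1}
STAGE_ORDER = {None: 0, "designed": 1, "implemented": 2, "evidenced": 3}


@dataclass
class AssessedSystem:
    name: str
    risk: int                # constructed scale: 1 (low) .. 5 (high)
    stack: Optional[str]     # orchestrator stack id for agentic components, else None
    controls: dict           # (pillar, layer) -> stage string, or None if no control


def operates(stage: Optional[str]) -> bool:
    """A control layer counts as operating only once it is evidenced."""
    return stage == "evidenced"


def pillar_maturity(system: AssessedSystem, pillar: str) -> str:
    """Map one pillar onto the page's per-pillar states; 'partial' and 'ungoverned'
    are assumed labels for combinations the page does not name."""
    live = {layer for layer in LAYERS if operates(system.controls.get((pillar, layer)))}
    if live == set(LAYERS):
        return "all three layers, connected"
    if live == {"preventive", "detective"}:
        return "preventive and detective"
    if live == {"preventive"}:
        return "preventive only"
    if not live:
        return "ungoverned"
    return "partial"


def programme_maturity(system: AssessedSystem) -> str:
    """The cross-pillar view holds only when every pillar has all three layers operating;
    otherwise report the pillar with the fewest operating layers, so attention goes there."""
    if all(pillar_maturity(system, p) == "all three layers, connected" for p in PILLARS):
        return "cross-pillar view"
    weakest = min(PILLARS, key=lambda p: sum(operates(system.controls.get((p, l))) for l in LAYERS))
    return f"weakest pillar: {weakest}"


def merge_stack(stack_id: str, members: list) -> AssessedSystem:
    """Assess an orchestrator and its sub-agents as one high-risk system: the stack takes
    the highest member risk and, per cell, the least advanced stage across members
    (assumed rule: a multi-step chain is only as governed as its weakest step)."""
    merged = {}
    for p in PILLARS:
        for l in LAYERS:
            stages = [m.controls.get((p, l)) for m in members]
            merged[(p, l)] = min(stages, key=lambda s: STAGE_ORDER[s])
    return AssessedSystem(stack_id, max(m.risk for m in members), stack_id, merged)


def assess_inventory(systems: list) -> list:
    """Group agentic components by stack before assessing; standalone models stay as they are."""
    stacks, units = {}, []
    for s in systems:
        if s.stack:
            stacks.setdefault(s.stack, []).append(s)
        else:
            units.append(s)
    units.extend(merge_stack(sid, ms) for sid, ms in stacks.items())
    return units


def backlog(units: list) -> list:
    """Every non-evidenced cell is a gap. Priority = system risk x gap severity (constructed rule).
    Returns (priority, system, pillar, layer, current stage), highest priority first."""
    gaps = []
    for s in units:
        for p in PILLARS:
            for l in LAYERS:
                stage = s.controls.get((p, l))
                if not operates(stage):
                    gaps.append((s.risk * GAP_SEVERITY[stage], s.name, p, l, stage))
    return sorted(gaps, key=lambda g: (-g[0], g[1], g[2], g[3]))


def full_grid(stage: Optional[str]) -> dict:
    return {(p, l): stage for p in PILLARS for l in LAYERS}


# Constructed sample inventory: one standalone model with a fairness gap, and a two-agent stack
# whose sub-agent has not yet evidenced its corrective human-oversight control.
SCORING_MODEL = AssessedSystem("credit-scoring-model", 5, None, {
    **full_grid("evidenced"),
    ("fairness", "detective"): "designed",
    ("fairness", "corrective"): None,
})
ORCHESTRATOR = AssessedSystem("claims-orchestrator", 4, "claims-stack", full_grid("evidenced"))
SUB_AGENT = AssessedSystem("claims-payout-agent", 2, "claims-stack", {
    **full_grid("evidenced"),
    ("human oversight", "corrective"): "implemented",
})
SAMPLE_INVENTORY = [SCORING_MODEL, ORCHESTRATOR, SUB_AGENT]

if __name__ == "__main__":
    for unit in assess_inventory(SAMPLE_INVENTORY):
        print(unit.name, "->", programme_maturity(unit))
    for item in backlog(assess_inventory(SAMPLE_INVENTORY)):
        print(item)
```

Run as a script, the backlog puts the scoring model's missing corrective fairness control first (highest risk, control absent entirely), and the claims stack is reported once, at the orchestrator's risk rating, with its human-oversight pillar at "preventive and detective" because the sub-agent's corrective control is implemented but not yet evidenced.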