For Your Role
Your role. Your risks. Your entry point.
This framework covers a lot of ground. Nobody needs all of it. The framework is designed so that you can quickly identify the controls relevant to your role and context, apply the ones you need, and consciously deselect the ones you do not.
Each page below tells you what matters for your role, why you should care, and where to start reading. Each one is a window from your perspective: not a summary of everything, but a filter for what is relevant to your work.
Pick your role
Security and risk
- How do I secure AI when the threat model is unlike anything I've secured before?
  For: CISOs, Security Directors, Security Architects
- How do I quantify AI risk and prove to the board that controls are working?
  For: CROs, Risk Managers, GRC Teams
- How do I demonstrate that AI deployments meet regulatory obligations, with evidence?
  For: Compliance Officers, Legal Counsel, DPOs, Audit Teams
- Your programme already solves the problem AI agents create. How do you extend it?
  For: Insider Risk Analysts, UEBA Engineers, Behavioural Analytics Teams
Technology and architecture
- How do I govern AI across my technology portfolio when every product runs different agents?
  For: CIOs, CTOs, VP Technology
- Where do controls go in my pipeline, what do they cost, and how do they fail?
  For: Solution Architects, Platform Architects, Technical Leads
- What do I actually build? Give me implementation patterns, not governance theory.
  For: ML Engineers, AI Developers, Data Scientists, Platform Engineers
Product and business
- How do I manage AI risk across my product lines when agents are operational and the cost is real?
  For: Business Unit Leaders, P&L Owners, General Managers
- What controls are required to ship AI, and what do they cost in time and money?
  For: Product Managers, Delivery Leads
How these pages work
Each stakeholder page follows the same structure, so you can skim consistently across roles:
- The problem from your perspective. Why AI security is not like the security you already know.
- What this reference gives you. The specific parts relevant to your work.
- Your starting path. Ordered reading list, three to five documents deep.
- What you can do Monday morning. Concrete first actions.
- Common objections addressed. The pushback you will get, with answers.
These are entry points, not destinations. Follow the links deeper when you need depth.
Not sure which role fits?
Security Leaders covers the broadest risk framing. Product Owners is the fastest concrete path. Enterprise Architects is the entry point if you need to see where every control lands in the stack. If you read one, the others cross-link naturally from there.