Context

Frameworks your team can use in review

A short list of external references for security, risk, and compliance discussions.

Why we keep this list short

Skim frameworks quickly; expand for how we use them with customers in session.

These links give teams shared language. We cover Verdict-specific architecture and controls in working sessions.

Map a workflow

Framework · National Institute of Standards and Technology

NIST AI Risk Management Framework

Widely adopted lifecycle for govern, map, measure, and manage. Useful language when you align product controls to internal AI governance programs.


Framework · OWASP Foundation

OWASP Top 10 for LLM Applications

Practical risk categories for production LLM systems; complements pre-execution policy enforcement and evidence design.


Research · arXiv (Wang et al., 2023, updated on arXiv)

A Survey on Large Language Model based Autonomous Agents

Structured overview of how autonomous and tool-using agents are composed, useful context for where synchronous enforcement on the action boundary fits.


Technical · Open Policy Agent

Open Policy Agent: Policy and guardrails at scale

The policy-as-code model Verdict builds on: declarative rules, versioned bundles, and evaluation that fits infrastructure-grade workflows.


Security · MITRE

MITRE ATLAS

Tactics and techniques for machine-learning systems, shared vocabulary for security reviews and red-team planning around model-mediated actions.


Framework · OECD

OECD AI Principles

Widely referenced values (robustness, accountability, human rights) that executive AI charters and enterprise policies often echo.


Turn references into a concrete enforcement plan

Bring your security, platform, and GRC owners. In a working session we map tool calls, policy surfaces, and evidence to how you already run diligence and your control framework.