EC-Council ADG — Adopt · Defend · Govern · v2026

EC-Council ADG — Adopt · Defend · Govern

EC-Council ADG — Adopt · Defend · Govern — 96% covered.

35 requirements · 33 enforced · 0 designed · 2 advisory · 0 deferred.

Source: https://aigovernance.eccouncil.org/adgframework · License: Framework text © EC-Council; KYE Protocol bindings are KYE-authored.

By category

CategoryReqsEnforcedDesignedAdvisoryDeferredCoverage
Pillar 1 — Adopt 10 9 0 1 0 93%
Pillar 2 — Defend 10 10 0 0 0 100%
Pillar 3 — Govern 15 14 0 1 0 95%

Every requirement → the KYE artefact that enforces it

IDTitleStatusKYE enforcement
ec-council-adg.adopt.lifecycle-management Adopt — AI lifecycle management enforced audit_events: kye.model.capability_profile.v1, kye.evidence.decision_map.v1, kye.compliance.attestation.v1
engines: internal, internal
constitution_refs: constitution/14-AGENTS-AND-ENGINES.md
ec-council-adg.adopt.model-capability-binding Adopt — Model capability profile bound to deployment enforced audit_events: kye.model.capability_profile.v1, kye.compliance.attestation.v1
engines: internal
constitution_refs: constitution/14-AGENTS-AND-ENGINES.md
ec-council-adg.adopt.model-risk-assessment Adopt — Pre-deployment risk assessment with framework floor enforced audit_events: kye.risk_assessment.v1, kye.compliance.attestation.v1
engines: internal
constitution_refs: constitution/13-RESILIENCE-LOOP.md
ec-council-adg.adopt.secure-deployment-baseline Adopt — Secure-by-default deployment baseline enforced audit_events: kye.compliance.attestation.v1
engines: internal
constitution_refs: constitution/16-EDGE-RUNTIME.md
ec-council-adg.adopt.change-management Adopt — Change management with replay-proof envelope enforced audit_events: kye.evidence.trace_replay_spec.v1, kye.compliance.attestation.v1
engines: internal, internal
constitution_refs: constitution/13-RESILIENCE-LOOP.md
ec-council-adg.adopt.adoption-evidence-pack Adopt — Adoption evidence pack at go-live enforced audit_events: kye.evidence.pack.v1, kye.compliance.attestation.v1
engines: internal
constitution_refs: constitution/13-RESILIENCE-LOOP.md
ec-council-adg.adopt.purpose-grant-issuance Adopt — Purpose Permission grant issuance at adoption enforced audit_events: kye.purpose.grant.v1, kye.compliance.attestation.v1
engines: internal
constitution_refs: constitution/12-PURPOSE-PERMISSION.md
ec-council-adg.adopt.training-and-onboarding Adopt — Workforce training and role-based onboarding advisory constitution_refs: constitution/10-PARTNER.md, constitution/39-LEARN-RAIL.md
ec-council-adg.adopt.acceptable-use Adopt — Acceptable use policy bound to authority scope enforced audit_events: kye.purpose.grant.v1, kye.evidence.decision_map.v1
engines: internal
constitution_refs: constitution/12-PURPOSE-PERMISSION.md
ec-council-adg.adopt.assurance-baseline Adopt — Initial assurance attestation at go-live enforced audit_events: kye.compliance.attestation.v1, kye.attestation.v1
engines: internal
constitution_refs: constitution/21-DELEGATED-AUDITABILITY.md
ec-council-adg.defend.threat-modelling Defend — AI-specific threat modelling enforced audit_events: kye.risk_assessment.v1
engines: internal
constitution_refs: constitution/13-RESILIENCE-LOOP.md
ec-council-adg.defend.red-team Defend — Red-team / adversarial testing enforced audit_events: kye.signal.stress_test.high_risk_detected.v1, kye.compliance.attestation.v1
engines: internal
constitution_refs: constitution/13-RESILIENCE-LOOP.md
ec-council-adg.defend.runtime-monitoring Defend — Runtime monitoring with drift detection enforced audit_events: kye.signal.drift.detected.v1, kye.signal.stable_drift.detected.v1, kye.compliance.attestation.v1
engines: internal
constitution_refs: constitution/35-STREAMING-LOGS.md
ec-council-adg.defend.tool-mcp-security Defend — Tool / MCP-server authority register enforced audit_events: kye.tool_mcp_register.v1, kye.evidence.tool_call_pin.v1, kye.compliance.attestation.v1
engines: internal
constitution_refs: constitution/15-MCP-AND-SDK.md, constitution/52-DELEGATED-AGENT-BINDING.md
ec-council-adg.defend.prompt-injection-defence Defend — Prompt-injection + influence-envelope defence enforced audit_events: kye.model.influence_envelope.v1, kye.evidence.tool_call_pin.v1, kye.compliance.attestation.v1
engines: internal, internal
constitution_refs: constitution/12-PURPOSE-PERMISSION.md, constitution/52-DELEGATED-AGENT-BINDING.md
ec-council-adg.defend.supply-chain Defend — Model + tool + dataset supply-chain integrity enforced audit_events: kye.model.capability_profile.v1
engines: internal
constitution_refs: constitution/14-AGENTS-AND-ENGINES.md
ec-council-adg.defend.incident-response Defend — Incident response with replay-proof evidence enforced audit_events: kye.evidence.trace_replay_spec.v1, kye.evidence.pack.v1, kye.compliance.attestation.v1
engines: internal, internal
constitution_refs: constitution/13-RESILIENCE-LOOP.md, constitution/30-AUDIT-WORM-RETENTION.md
ec-council-adg.defend.spof-resilience Defend — No single point of failure across privileged ops enforced audit_events: kye.spof_registry.v1, kye.spof.path_to_full.v1, kye.compliance.attestation.v1
engines: internal
constitution_refs: constitution/51-NO-SPOF.md
ec-council-adg.defend.federation-trust Defend — Federation trust-boundary control enforced audit_events: kye.federation.cross_org_delegation.v1, kye.compliance.attestation.v1
engines: internal
constitution_refs: constitution/21-DELEGATED-AUDITABILITY.md
ec-council-adg.defend.continuous-attestation Defend — Continuous compliance attestation cadence enforced audit_events: kye.compliance.attestation.v1
engines: internal
constitution_refs: constitution/00-INDEX.md, constitution/21-DELEGATED-AUDITABILITY.md
ec-council-adg.govern.authority-register Govern — Risk + authority register at board level enforced audit_events: kye.risk.authority_register.v1, kye.compliance.attestation.v1
engines: internal
constitution_refs: constitution/21-DELEGATED-AUDITABILITY.md
ec-council-adg.govern.purpose-permission-finality Govern — Purpose Permission grant as the authority unit enforced audit_events: kye.purpose.grant.v1, kye.compliance.attestation.v1
engines: internal
constitution_refs: constitution/12-PURPOSE-PERMISSION.md
ec-council-adg.govern.admissibility-gate Govern — Action admissibility gate before any side-effect enforced audit_events: kye.purpose.admissibility.v1, kye.compliance.attestation.v1
engines: internal
constitution_refs: constitution/12-PURPOSE-PERMISSION.md
ec-council-adg.govern.evidence-pack Govern — Evidence pack emission per action (MC-9) enforced audit_events: kye.evidence.pack.v1, kye.compliance.attestation.v1
engines: internal
constitution_refs: constitution/13-RESILIENCE-LOOP.md, constitution/30-AUDIT-WORM-RETENTION.md
ec-council-adg.govern.decision-map Govern — Runtime decision-map binding (MC-6) enforced audit_events: kye.evidence.decision_map.v1, kye.compliance.attestation.v1
engines: internal
constitution_refs: constitution/13-RESILIENCE-LOOP.md
ec-council-adg.govern.replay-proof Govern — Replay-proof spec (MC-10) enforced audit_events: kye.evidence.trace_replay_spec.v1, kye.compliance.attestation.v1
engines: internal
constitution_refs: constitution/13-RESILIENCE-LOOP.md
ec-council-adg.govern.authority-finality Govern — Authority Finality record (MC-11) enforced audit_events: kye.estate.authority_finality.v1, kye.compliance.attestation.v1
engines: internal, internal
constitution_refs: constitution/13-RESILIENCE-LOOP.md
ec-council-adg.govern.human-oversight Govern — Human oversight + critical-point review (MC-12) enforced audit_events: kye.governedui.critical_point_review.v1, kye.governedui.approval.v1, kye.governedui.action_proposal.v1, kye.compliance.attestation.v1
engines: internal, internal
constitution_refs: constitution/36-GOVERNEDUI.md
ec-council-adg.govern.autonomy-tiers Govern — Declared autonomy tier per agent deployment enforced audit_events: kye.autonomy_tier.v1, kye.compliance.attestation.v1
engines: internal
constitution_refs: constitution/12-PURPOSE-PERMISSION.md, constitution/36-GOVERNEDUI.md
ec-council-adg.govern.mc1-identity Govern MC-1 — Verified entity / identity register enforced audit_events: kye.governedui.entity_passport.v1, kye.compliance.attestation.v1
engines: internal
constitution_refs: constitution/14-AGENTS-AND-ENGINES.md
ec-council-adg.govern.mc2-delegation-envelope Govern MC-2 — Delegation envelope enforced audit_events: kye.purpose.grant.v1, kye.delegation.v1, kye.compliance.attestation.v1
engines: internal
constitution_refs: constitution/12-PURPOSE-PERMISSION.md
ec-council-adg.govern.mc3-chain-of-authority Govern MC-3 — Chain of authority across organisations enforced audit_events: kye.federation.cross_org_delegation.v1, kye.delegation_chain.v1, kye.compliance.attestation.v1
engines: internal
constitution_refs: constitution/21-DELEGATED-AUDITABILITY.md
ec-council-adg.govern.mc8-revocation Govern MC-8 — Revocation + expiry control enforced audit_events: kye.purpose.grant.v1, kye.purpose.admissibility.v1, kye.compliance.attestation.v1
engines: internal, internal
constitution_refs: constitution/12-PURPOSE-PERMISSION.md
ec-council-adg.govern.decision-rights Govern — Decision rights declared per agent / per action class enforced audit_events: kye.governedui.authority_scope.v1, kye.governedui.action_proposal.v1, kye.compliance.attestation.v1
engines: internal
constitution_refs: constitution/36-GOVERNEDUI.md
ec-council-adg.govern.board-reporting Govern — Board-readable reporting cadence advisory audit_events: kye.compliance.attestation.v1
engines: internal
constitution_refs: constitution/21-DELEGATED-AUDITABILITY.md