Artifacts

5-layer security architecture with MITRE ATLAS mapping, 33 controls, implementation roadmap, and NIST CSF 2.0 + EU AI Act compliance mapping.

• 5-layer security model (Physical/Network through Monitoring/Detection)
• MITRE ATLAS threat mapping with 15 techniques
• 33 security controls with control tables per layer
• 4-phase implementation roadmap
• NIST CSF 2.0 + EU AI Act + OWASP ML Top 10 compliance mapping

Governance-as-architecture with 8 infrastructure integration mappings, OPA/Rego policy engine, platform implementations, and NIST AI RMF alignment.

• 8 governance-to-infrastructure mappings
• Three-layer governance-as-code stack (OPA/Rego)
• Platform implementations for Databricks and SageMaker
• Full NIST AI RMF alignment across 4 functions
• 3-phase, 12-week implementation playbook (268 hours)

Three deployment scenarios comparing Cloud ($31.5M), Hybrid ($24.3M), and On-Premises ($22.8M) for 100 H100 GPUs over 3 years.

• 3 scenarios: Cloud, Hybrid, On-Premises
• 9 cost categories with line-item detail
• 15 user-adjustable variables
• Break-even analysis at 60-70% GPU utilization
• Sensitivity analysis and spreadsheet implementation guide

Translates the NIST AI Risk Management Framework into existing CISO program structures with gap analysis and implementation checklist.

• GOVERN/MAP/MEASURE/MANAGE function mapping
• 60-70% of requirements already met by mature programs
• Gap analysis across three key areas
• Board communication templates
• Quick-start implementation timeline

MITRE ATLAS-based threat modeling template with blank fillable sections and a completed example for an Enterprise Customer Support LLM.

• 6-section fillable template with MITRE ATLAS taxonomy
• 16 threat techniques across 6 tactics
• 5×5 risk scoring matrix with calibration guide
• Completed example: 10 threats, 15 controls
• Control library: 8 preventive, 6 detective, 5 corrective