Trustworthy AI Posture (TAIP): A Framework for Continuous AI Assurance of Agentic Systems at Horizontal and Vertical scale

Guy Lupo, Bao Quoc Vo, Natania Locke

TL;DR

The Trustworthy AI Posture (TAIP) framework, which operationalises the NIST AI RMF Test, Evaluate, Verify, Validate (TEVV) cycle as reusable AI Assurance Objects, enables scalable, machine-speed trust signal generation.

Abstract

The emergence of autonomous, high-velocity Agentic AI systems is creating an internal assurance scalability crisis. Point-in-time, document-based audits cannot keep pace with non-deterministic behaviour and distributed deployments of agents across rapidly evolving environments. The crisis is dual-scale: vertically, governance and control obligations change faster than frameworks can operationalise them; horizontally, assurance mechanisms fail to scale across complex, heterogeneous systems and evidence sources. Risk-based regulation now requires organisations to demonstrate ongoing control adequacy and effectiveness, yet existing Trustworthy AI Assurance and Audit frameworks remain fragmented and largely manual. Drawing on the evolution of cybersecurity posture management, this paper reframes trustworthiness as a continuously generated signal rather than a static certificate. It contributes: 1) a Trustworthy AI Assurance Ontology modelling the end-to-end pathway from regulatory obligation to verifiable evidence; 2) an ontology-driven, evidence-gated benchmark of thirteen leading frameworks, revealing a posture readiness gap; and 3) the Trustworthy AI Posture (TAIP) framework, which operationalises the NIST AI RMF Test, Evaluate, Verify, Validate (TEVV) cycle as reusable AI Assurance Objects. TAIP decouples policy content ('what') from execution semantics ('how'), enabling composable, automatable assurance across jurisdictions and agentic systems. Evidence from heterogeneous tools is normalised and recursively aggregated into posture at claim, system, organisational, and ecosystem levels. A use case mapping Australian AI Guardrails to Microsoft 365 Copilot demonstrates claim decomposition, evidence binding, and posture computation in practice. By standardising execution while allowing policy variation, TAIP enables scalable, machine-speed trust signal generation.

Paper Structure (100 sections, 1 equation, 13 figures, 4 tables)

Figures (13)

  • Figure 1: Trustworthy AI Assurance Ontology (diagram).
  • Figure 2: Establishing trust in AI systems: assurance domains and signal flows.
  • Figure 3: PRISMA 2020 flow diagram for the ontology-informed literature review (identification, screening, eligibility, inclusion).
  • Figure 4: Framework classification distribution results from the capability ladder (pillar scores and morphology groups).
  • Figure 5: TAIP workflow overview: scope, TEV execution, and validation.
  • ...and 8 more figures