Seven frameworks for governing LLM systems: the map before the territory
Before implementing controls, you have to understand the terrain. A practical overview of NIST AI RMF, ISO/IEC 42001, OWASP LLM Top 10, and the other frameworks defining what it means, today, to govern generative AI in production.
Why seven frameworks?
In conversations with AI teams inside regulated institutions, I keep noticing the same pattern: the governance discussion starts with control - who approves, who audits, who owns the risk - before any shared vocabulary exists for what is being controlled. The result is predictable: policies that never touch the real system, runbooks that age out at the first release, audits that measure what's easy to measure, not what matters.
The cheapest path I've found is to flip the order. Map first, control second. And the map, today, is made of seven documents that overlap at different angles.
The seven
- NIST AI RMF 1.0 - risk management framework organized around four core functions (Govern, Map, Measure, Manage).
- ISO/IEC 42001:2023 - AI management system, certifiable, plug-in for orgs already on 27001.
- OWASP LLM Top 10 (2025) - technical risks at the application layer.
- OWASP Agentic Top 10 (2026) - risks specific to autonomous, tool-using systems.
- NIST SP 800-53r5 - traditional security controls that still apply.
- CIS Controls v8.1 - operational baseline, useful where 800-53 is too dense.
- MITRE ATLAS - adversarial TTPs specific to ML/AI.
How they fit
The usual confusion is to treat the list as redundant. It isn't. NIST AI RMF and ISO 42001 sit at the organizational layer: how a company decides what it will and won't do with AI. OWASP LLM and Agentic Top 10 sit at the product layer: what can go wrong inside the application. NIST 800-53 and CIS are the controls that survive from the pre-LLM era. ATLAS is the adversary's vocabulary.
When those planes line up, the question "is this our risk or the model's?" stops being political and becomes engineering.
Next in the series
Over the next four parts, I'll go a level deeper inside each grouping: how to map a real application against OWASP LLM Top 10, how to translate ISO 42001 into artifacts a product team can use, and how ATLAS becomes the shared language between red team and engineering.