Strategic Principle Hypotheses
Testable propositions about enterprise AI security. Each hypothesis is argued using the Toulmin method: claim, grounds, warrant, backing, qualifier, and rebuttal. Assertion records from the IAAI framework support or challenge each claim.
Identity-Aware AI Security in a Five-Pillar Architecture
Identity-aware authorization is the primary AI control plane when operated as a closed loop across policy, retrieval, abstraction, security operations, and governance.
Post-AI Security Operations as the Safety Net for Identity-Aware AI
Treat AI as both a new source of risk and a new security capability by extending security operations to monitor AI interactions and feed continuous technical feedback into identity-aware policies and governance.
Enterprise AI Governance as Supervisory Oversight for AI
Establish Enterprise AI Governance as a peer board that translates AI risk appetite into concrete policies, controls, and portfolio decisions across the identity-aware AI security pillars.
Strategic Operations Governance as the Post-AI Operating Model
Strategic Operations Governance becomes the operating-model spine that aligns cross-functional change and AI-driven work with enterprise strategy.
Agentic Enterprise Architecture for the AI Fabric
Post-AI Enterprise Division of Labor - Operating and Changing Automated Systems
Enterprises should explicitly organize post-AI work - the tasks performed by people, their personal agents, and shared enterprise agents - around two missions, operating automated systems and changing them, because as automation deepens, essentially all meaningful work falls into run or change activities, and treating this explicitly improves architecture, budgeting, and Strategic Operations Governance.