Models

ISDAIRE defines what may be done.

ARETABA governs whether it may execute.

GAG ensures legitimacy survives composition.

MGAG is multi-layered GAG.

OTANIS governs agentic AI at the point of irreversibility.

These models together define an architectural approach to AI governance that is causal, executable, and auditable, rather than descriptive, procedural, or post-hoc.

They are used to review, stress-test, and advise on agentic systems that perform actions with irreversible consequences.

How to read this page

The models below are not alternatives. They form a dependency chain.

  • ISDAIRE defines whether governance is even possible.
  • ARETABA defines whether governance can execute under pressure.
  • GAG and MGAG define whether legitimacy survives delegation and composition.
  • OTANIS defines whether authority can be defended at execution time, at the point of irreversibility.

If an earlier layer fails, later layers cannot compensate.

ISDAIRE

Intent, Scope, Domain, Authority, Irreversibility, Risk, and Eligibility Evaluation

ISDAIRE defines the irreducible preconditions for governance.

If these conditions are missing, no amount of runtime controls, policies, or oversight frameworks can make a system architecturally governed. Governance becomes descriptive rather than causal.

ISDAIRE is not a full governance framework. It defines the minimum structural requirements without which governance cannot exist at all.

ISDAIRE consists of

  • Intent. The system must have an explicit, machine-legible purpose. Without declared intent, authority and scope cannot be bounded or audited.
  • Scope. What the system is allowed to affect must be defined in advance. Undefined scope makes authority leakage inevitable under scale or load.
  • Domain separation. Reasoning, data access, decision logic, and execution must be structurally distinct. Without separation, authority collapses into automation.
  • Authority source. The origin of authority must be explicit. Human, policy, contract, or regulator. Authority without a source cannot be validated, renewed, or revoked.
  • Irreversibility awareness. The system must explicitly recognise which actions are reversible and which are not. Governance without irreversibility awareness cannot enforce meaningful stopping.
  • Risk framing. Risk must be defined before execution, not inferred after outcomes. Otherwise escalation and refusal are always late.
  • Execution boundary. There must be a clear transition between proposal and commitment. Governance only becomes real at this boundary.

If ISDAIRE fails, the system may still function, but it is not governed.

Inspection test

If any ISDAIRE condition cannot be identified structurally, governance does not exist, regardless of runtime controls or policy artefacts.

ARETABA

Authority, Refusal, Escalation, Traceability, Accountability, Boundary, Admissibility

ARETABA defines the minimum control surface required for governance to execute, not merely exist on paper.

If any one of these elements is missing, governance becomes descriptive rather than causal. The system may still operate, but it is no longer governed.

ARETABA captures

  • Authority. Who is permitted to decide or act, with explicit scope, delegation, and expiry.
  • Refusal / Halt. The structural ability to stop or pause execution when conditions are not met.
  • Escalation. Mandatory pathways when risk, uncertainty, or ambiguity exceeds defined bounds.
  • Traceability. Causal replay of what was decided, by whom, and why.
  • Accountability. Attribution of responsibility at decision time, not reconstructed after failure.
  • Boundary definition. Explicit limits on scope, context, and applicability.
  • Admissibility. What inputs and actions are allowed to enter the system at all.

ARETABA is not a checklist. It is the irreducible execution-time control structure required for systems that must remain legitimate under pressure.

Inspection test

If any ARETABA element is absent or non-enforceable, governance may exist on paper but cannot execute under pressure.

GAG

Global Architectural Governance

What it is

GAG ensures that authority remains legitimate and coherent across composed systems, agents, and organisational boundaries.

What it governs

  • Provenance of authority across system boundaries
  • Preservation of admissibility and authority through delegation
  • Prevention of authority amplification or silent drift during composition

GAG governs authority behaviour between systems.

Key point: GAG prevents systems that are locally compliant from producing globally illegitimate outcomes.

GAG does not prescribe organisational policy. It governs how authority behaves when systems compose.

MGAG

Multi-Layered Global Architectural Governance

MGAG extends GAG to environments where authority must survive multiple technical, organisational, and regulatory layers.

It addresses the challenge of maintaining governance coherence in multi-agent systems, multi-vendor tool chains, and orchestrated workflows where authority flows across layers while preserving accountability.

MGAG focuses on governance seams. These are the points where authority transfers, transforms, or is constrained.

MGAG provides structured approaches to

  • Refusal pathways
  • Escalation mechanisms
  • Audit survivability across compositional boundaries

Use cases

  • Multi-agent orchestration systems
  • Multi-vendor tool chains and integrations
  • High-consequence automation workflows
  • Regulator-facing operations requiring explicit authority chains

MGAG governs authority behaviour across layers, including technical, organisational, and regulatory strata.

OTANIS

Operational Trust and Authority Normative Integrated System

OTANIS is an Operational Trust and Authority Normative Integrated System for governing agentic AI by enforcing legitimate authority at the point where actions become irreversible.

OTANIS exists because, in real systems, the hardest question is not what happened, but who was authorised to let it happen at that exact moment.

In plain terms

  • Operational. Governance executes. It is not descriptive or post-hoc.
  • Trust. Trust is an outcome of enforceable authority and auditability, not belief.
  • Authority. Authority is the primary governed object, explicit, bounded, and lifecycle-managed.
  • Normative. Admissibility is defined ex-ante, not inferred at runtime.
  • Integrated system. ISDAIRE, ARETABA, GAG, and MGAG form a single architecture, not a toolkit.

OTANIS introduces authority evidence as a first-class concern. It defines what evidence must be present before an irreversible action proceeds, how authority may be revoked or expired, and how challenged actions can be examined against recorded proof.

Suitability for agentic and AGI systems

OTANIS is explicitly designed for systems that plan, reason, and act across multiple steps and boundaries, including advanced agentic systems and future AGI-class architectures.

This suitability does not come from constraining intelligence. It comes from separating cognition from execution.

Agentic and AGI systems may generate plans, explore alternatives, revise goals, and operate with non-deterministic or opaque internal reasoning. OTANIS does not attempt to govern these internal processes. It governs whether an action is permitted to occur when consequences become irreversible.

This makes OTANIS compatible with high-autonomy systems for four structural reasons.

  • First, authority is external to the model. OTANIS does not rely on a system's self-assessment of permission. Authority is issued, scoped, and enforced by governance layers that do not emerge from the model's reasoning and cannot drift with learning or optimisation.
  • Second, execution is gated, not thought. Planning and deliberation remain unconstrained. Only execution at defined irreversibility boundaries is subject to authority checks, expiry, refusal, or escalation. This preserves agentic usefulness while maintaining institutional control.
  • Third, authority is time-bounded and non-propagating. Agentic and AGI systems operate over extended horizons. OTANIS treats authority as expiring and context-sensitive, requiring revalidation at each execution boundary rather than assuming persistence across steps, layers, or time.
  • Fourth, governance remains auditable under challenge. AGI reasoning may be non-invertible. OTANIS does not require reconstruction of internal thought. It requires proof that the system was legitimately authorised to act at the moment action occurred. This keeps accountability tractable even as intelligence increases.

In short, OTANIS scales with intelligence because it does not depend on understanding or controlling intelligence. It depends on enforcing legitimate authority where intelligence meets the real world.

This is why OTANIS is suitable not only for today's agentic systems, but also for any future AGI deployed beyond advisory roles, where execution, liability, and irreversibility cannot be left to trust or intent.

A common point of confusion

Audit Logs vs Authority Evidence

OTANIS draws a strict distinction between:

  • Audit logs. Records of what happened. Used for investigation and reconstruction.
  • Authority evidence. Proof of permission to act. Used for accountability and legitimacy.

Audit logs explain events. Authority evidence justifies them.

Both are necessary, but they serve different purposes and have different evidentiary requirements.

Public inspection focus

OTANIS is intentionally inspectable. It does not rely on internal assurances or intent statements. Under challenge, an OTANIS-aligned system must be able to demonstrate authority legitimacy using recorded evidence at the execution boundary.

How MGAG and OTANIS Fit Together

MGAG and OTANIS address complementary aspects of governance in complex systems.

MGAG operates at the architectural level. It informs how governance structures are designed to survive composition across boundaries.

OTANIS operates at the execution level. It defines what evidence must be present at the moment an action commits.

In practice: MGAG informs the identification of governance seams; OTANIS informs how authority is tested and evidenced at those seams.

A system designed using MGAG principles has clear authority flows. A system reviewed using OTANIS principles can demonstrate that authority was legitimate at execution time.

Together, they provide a complete governance picture.

How These Models Are Used in Practice

These models are applied through independent architectural review and advisory, not software delivery.

Architectural Review and Pressure Testing

Existing agentic systems are examined to determine whether authority is explicit, enforceable, and auditable at execution time. Reviews focus on irreversibility boundaries, delegation paths, refusal behaviour, escalation logic, and governance seams.

Implementation Advisory

Guidance is provided to engineering, risk, and governance leaders on how authority structures, execution boundaries, escalation paths, and evidence requirements should be designed or corrected.

These models are applied through review and advisory because governance loses legitimacy when the same party both defines and implements control.

All work is advisory and human-in-the-loop. Final design and operational decisions remain with the organisation.

What This Is and Is Not

This work does not certify systems as safe. It does not replace regulatory approval. It does not implement production systems.

It provides:

  • independent architectural assessment
  • execution-time authority analysis
  • governance stress-testing under realistic failure conditions
  • evidentiary clarity for decision-makers, regulators, and insurers

Who This Is For

  • Organisations deploying agentic systems with irreversible effects
  • Architects responsible for authority, escalation, and auditability
  • Regulators, auditors, insurers, and risk owners
  • Vendors integrating AI into high-consequence workflows