AI Decision Governance Maturity Model (ADGMM) Version 1.0 — published by OMNIX QUANTUM LTD. The ADGMM addresses a fundamental gap in the current AI governance landscape: there is no standardized, independently verifiable scale by which an organization — or its regulators, auditors, customers, or counterparties — can answer the question: How mature is this organization's AI decision governance? Existing frameworks (CMMI, NIST CSF, ISO/IEC 42001) describe organizational capabilities and process maturity. The ADGMM describes a different property: the strength and independence of the cryptographic and protocol-level guarantees that accompany each governed decision, and the extent to which those guarantees can be verified by a party that does not trust — and has no relationship with — the governing organization. The twelve ADGMM levels are organized into four zones: Zone I — Internal Record (Levels 1-3): Decision Logging, Structured Decision Records, Authority Attribution. The organization records and attributes decisions internally. Governance evidence exists but relies on organizational trust. Zone II — Cryptographic Proof (Levels 4-6): Verifiable Governance Receipts, Independent Offline Verification, Behavioral Execution Attestation. Third parties can verify individual receipts. Behavioral conformance during execution is attested. Level 6 addresses the Authorization-to-Behavior Gap — the gap between proving an agent was authorized to act and proving what the agent actually produced during execution. Zone III — Public Infrastructure (Levels 7-9): Configuration Governance Binding, Public Registry Attestation, Pre-Execution Governance Contracts. A regulator with no organizational relationship can verify governance of specific decisions. Pre-execution contracts are formally specified and sealed before action begins. Execution is blocked without a valid sealed contract — fail-closed. Zone IV — Complete Governance (Levels 10-12): Mandate Integrity Certification, Consequence Boundary Enforcement, Federated Multi-Organizational Governance. Level 10 addresses the Mandate Failure Mode — proxy-optimization detection and continuous per-turn mandate alignment scoring with three-tier certification (FULLY BOUND / ALIGNED / UNCERTIFIED). Level 11 extends the governance boundary to the point of consequence: downstream systems are fail-closed without valid governance proof. Level 12 provides cross-organizational governance with dual-layer PQC signatures, organization-level governance hash chains with Merkle checkpoints, and human approval receipts as first-class, PQC-signed governance artifacts. Key design properties: Evidence-based: Each level is defined by required evidence artifacts, not by claimed capabilities. Independently verifiable: Every level from Level 4 onward requires verification by a party with no trust relationship with the issuing organization. Monotonically cumulative: Level N subsumes all requirements of Levels 1 through N-1. Technology-neutral: No specific implementation is mandated. Any infrastructure satisfying the evidence requirements achieves the level designation. Regulatory alignment: EU AI Act (Regulation EU 2024/1689) Articles 9, 12, 13, 14, 17; NIST AI Risk Management Framework (AI RMF 1.0) GOVERN/MAP/MEASURE/MANAGE functions; ISO/IEC 42001:2023 Clauses 6-10; GDPR Article 22 (automated decision-making); OHADA Digital Framework for 17 West and Central African member states. Comparison with existing frameworks: CMMI, NIST CSF, and ISO/IEC 42001 describe organizational capability and process maturity. None require independently verifiable cryptographic evidence per decision, offline verification tools, consequence boundary enforcement, or cross-organizational federated governance. The ADGMM occupies a distinct layer: decision-level governance evidence that any third party can verify without organizational trust. Appendix A maps all twelve ADGMM levels to the Agent Trust Fabric (ATF) Open Standard series (RFC-ATF-1 through RFC-ATF-12, OMNIX QUANTUM LTD) as a reference implementation example. The ATF stack, designated ATF-FED-Compliant at RFC-ATF-12, satisfies all requirements of ADGMM Level 12. Appendix C provides a 46-item self-assessment checklist organized by zone for compliance teams, enterprise buyers, and governance auditors.
Harold Alberto Nunes Rodelo (Fri,) studied this question.
Synapse has enriched 5 closely related papers on similar clinical questions. Consider them for comparative context: