Forrester’s AEGIS Framework: The New Standard For AI Governance
New AI governance frameworks continue to barrage tech and security leaders almost as fast as benchmarks on foundation models update. Forrester’s AEGIS Framework is not just “yet another framework” or acronym for CISOs to juggle. With our release of the report, Forrester’s AEGIS Framework For Agentic Security: Regulatory Mapping Template, it’s now a fully cross-referenced, regulation-aware blueprint for building trust in AI systems. If you’re a CISO, CIO, or CTO — or you report to one — AEGIS is a pathway to AI agent and agentic trust.
AEGIS Analysis: By The Numbers
Forrester’s AEGIS Framework doesn’t operate in a vacuum. Of its 39 substantive controls, 80% map to four or more major frameworks. Fifteen controls map to all five: NIST AI RMF, the EU AI Act, OWASP Top 10 for LLMs, MITRE ATLAS, and ISO/IEC 42001:2023. As anyone who has built a regulatory crosswalk knows, controls across frameworks use many of the same words, but the context behind those words can differ significantly from one framework to the next.
NIST And ISO Are Your Core
Every single control in AEGIS references NIST’s AI Risk Management Framework and ISO/IEC 42001:2023. These two frameworks are the backbone of AI governance. If your program aligns with AEGIS, it aligns with NIST AI RMF and ISO 42001. Finally, one framework solves many of your AI governance problems.
Framework | Number Of Controls Mapped | Percentage Of Coverage
---|---|---
NIST AI RMF | 39 | 100%
ISO/IEC 42001:2023 | 39 | 100%
OWASP Top 10 for LLMs | 34 | 87%
The EU AI Act | 29 | 74%
MITRE ATLAS | 21 | 54%
The EU AI Act And OWASP Top 10 For LLMs Are Critical But Not Universal
OWASP shows up in 34 controls. The EU AI Act appears in 29. These two frameworks form a secondary cluster. Every EU-mapped control also cites ISO, and every OWASP-mapped control also cites NIST. That gives security teams layered coverage spanning geographic, technical, and nontechnical control frameworks. Twenty-one controls reference MITRE ATLAS techniques.
Framework Density Signals Governance Load
Framework density is a proxy for how much governance lift a security team must carry when viewing a framework in isolation. The EU AI Act tops the list with 80 distinct references, spanning transparency, human oversight, and lifecycle risk. That’s operationally demanding. NIST contributes 49, anchoring risk management and monitoring. OWASP adds 41, focused on LLM-specific threats like prompt injection and data leakage. MITRE ATLAS maps to 20 controls, cataloging adversarial techniques and mitigations. Without the AEGIS regulatory crosswalk, these numbers represent a workload forecast. With our newly released research, security leaders now understand the governance gravity before they allocate resources.
The Most Frequently Cited Items
- ISO 8.1: operational planning and control (29 times)
- NIST MEA 2.4: monitor production systems (7 times)
- NIST MAN 2.4: deactivate AI systems (7 times)
- OWASP LLM08: vector and embedding weaknesses (6 times)
- EU Articles 13, 16–18, and 25: each cited four times
High-Density Controls Equal High Yield To Anchor Trust
These controls are the load-bearing scaffolding of trust in AI agents and agentic architectures. Build your program and controls around them for a comprehensive and flexible foundation. Think of these as your “starting five” to instrument, monitor, and audit. They give you the broadest coverage and the fewest blind spots:
- GRC-01: AI governance and oversight function (33 mapped items)
- GRC-08, DATA-01, DEV-01, GRC-02: each mapped in the low 20s
What You Should Do Next
Security leaders don’t need another framework. They need a sequencing plan. AEGIS gives you one. Start with the controls that anchor trust, then layer in nuance and regional specificity. Security and risk pros should:
- Anchor strategy in NIST and ISO. These two frameworks form the backbone of AEGIS as the most universally mapped. Every control in AEGIS references both, giving you full coverage across risk management, operational assurance, and lifecycle governance. Forrester’s mapping shows 100% alignment with NIST AI RMF and ISO/IEC 42001:2023.
- Use EU and OWASP to deepen compliance. These frameworks add specificity across transparency, human oversight, and LLM security. The EU AI Act contributes 80 unique references, while OWASP maps to 34 AEGIS controls. This matters for organizations operating in regulated markets or deploying generative AI. The OWASP Top 10 for LLMs flags risks like prompt injection and model abuse that NIST and ISO don’t fully cover. Use these to harden your controls and meet regional expectations.
- Start with high-density controls for broad coverage. Controls like GRC-01, GRC-08, DATA-01, DEV-01, and GRC-02 map to 20 or more regulatory references each. These are your scaffolding. They touch governance, data integrity, development practices, and oversight. Starting here gives you the widest regulatory surface area with the fewest controls. CISOs should prioritize these for instrumentation, monitoring, and audit readiness. Use them to reduce blind spots and accelerate crosswalk completion.
If you’re a Forrester client, request an inquiry or guidance session with us to discuss AEGIS. Better yet, come see us in person at the Forrester Security & Risk Summit, November 5–7 in Austin, Texas, for a session dedicated to the AEGIS Framework on Thursday, November 6, at 11:30 a.m. CT.