Foreword
AI governance is moving quickly, and the danger is treating it as a paperwork exercise while agents, models and infrastructure become part of the operating fabric of the business. A Control Blueprint for AI is a deliberately different document. It is not a model-security checklist; it is a control blueprint for the people who now have to decide where AI runs, what it can reach, which assets it can change, who can stop it, and how the business recovers if the system fails or is abused. Grounded in AISI, NCSC, NIST AI RMF, OWASP GenAI, MITRE ATLAS, RAND and the International AI Safety Report 2026, and written by Mark Fermor, it gives boards and CISOs a common vocabulary, Control the Path, Govern the Agent, Protect the Asset, and the operating cadence to run AI control as a discipline, not a policy.
Mark Fermor · Co-Founder, Firevault