HomeResearch LibraryAgentic AI Risk-Management Standards Profile
Chapter 6 · 2026

Agentic AI Risk-Management Standards Profile

Nada Madkour, Jessica Newman, Deepika Raman, Krystal Jackson, Evan R. Murphy, Charlotte Yuan

Abstract

AI systems that use reasoning to autonomously pursue goals through interaction with external environments and tools—referred to hereafter as “AI agents” or “agentic AI”—promise transformative benefits for productivity and complex problem-solving. However, the ability of AI agents to operate with increased autonomy also introduces significant risks, such as unintended goal pursuit, unauthorized privilege escalation or resource acquisition, and other behaviors—such as self-replication or resistance to shutdown—that could result in systemic or catastrophic harm. This paper introduces the Agentic AI Risk-Management Standards Profile, which aims to provide a targeted set of practices and controls for identifying, analyzing, and mitigating risks specific to agentic AI. It complements the NIST AI Risk Management Framework and focuses on risks emerging when AI-based systems are granted agency to act on behalf of users.

Eigenvector Insight — Zone III / PASF-PADE AnalysisNot part of the original paper
Eigenvector Research — Marco van Hurne
How this paper contributes to solving the Zone III problem (PASF-PADE)

This paper directly addresses one of the core structural challenges in Zone III deployments. The research on Agentic AI, Risk Management, Cybersecurity provides evidence-based foundations that enterprise architects cannot ignore when designing long-horizon autonomous workflows. The findings challenge the assumption that a base language model — however capable — can handle the complexity of durable, governed, multi-step execution without explicit architectural intervention. For Zone III practitioners, this paper belongs in the required reading list.

Why AI is not sufficient for Zone III without this

Zone III refers to high-complexity, high-risk, long-running agentic workflows — the class of enterprise AI deployments where a single failure can cascade across hundreds of steps. Standard AI models, trained to predict the next token, are not inherently designed for durable, governed, multi-step execution. This paper addresses one or more of the structural gaps that make Zone III deployments unsafe without explicit architectural intervention.

Topics

Agentic AIRisk ManagementCybersecurityAI AgentsNIST AI RMFAutonomous SystemsSecurity RisksGovernance