GAISD in the
Governance Ecosystem.
GAISD is a manifesto about mindset — not a standard, a regulation, or a certification scheme. It sits alongside, and in support of, the global frameworks that are defining how organizations must govern artificial intelligence.
What GAISD is
A statement of principles for how senior engineers should think about software in the age of AI-assisted development.
What GAISD is not
A replacement for ISO/IEC 42001, NIST AI RMF, the EU AI Act, or any other governance framework. No certifications. No standard. No lobbying.
Why both matter
Formal frameworks define what must be governed. GAISD describes the engineering mindset that lets teams take those requirements seriously inside the codebase.
Three layers. GAISD is the middle.
How GAISD complements each framework.
ISO/IEC 42001
Management system requirements for organizations developing or using AI — a formal structure for responsible AI at the organizational level.
GAISD provides the engineering culture — Human Intentionality, Structural Primacy, Traceability — that makes AIMS operationally meaningful inside software teams.
NIST AI RMF
Voluntary risk framework for trustworthy AI, organized around four functions: Govern, Map, Measure, Manage.
GAISD reinforces NIST's Govern function at the developer level: no "the AI decided", explicit ownership of every decision in the SDLC.
EU AI Act
Risk-based regulation of AI systems in the European market. Classifies AI by risk and imposes transparency, oversight, and auditability obligations.
GAISD's Traceability and Business Rule Sovereignty principles align with EU AI Act requirements for transparency, human oversight and auditability of AI-assisted outputs.
It is a manifesto, not a methodology.
Its role is to shift the conversation — so that when teams apply ISO/IEC 42001, NIST AI RMF, or the EU AI Act, they do so with the discipline that makes those frameworks worth the paper they are written on.