awossAgentic Workspace Security Standard

Standard

Standard Overview

Working draft

This page renders the current awoss working draft. It is not a released standard, certification program, compliance framework, legal analysis, endorsement, or public conformance claim.

Short name: awoss

Status: non-released, profile-first working draft.

Current posture: no standalone standard, certification, or compliance claims. awoss is currently an integrated crosswalk, profile, and evidence model for agentic workspace security.

Draft date: 2026-05-28.

Primary unit of assessment: scoped agentic workspace system.

This is a non-released working draft of the Agentic Workspace Security Standard. It currently defines a profile-first, gap-closing control and evidence model for review and crosswalk validation. It is not a standalone released standard, certification program, compliance program, or public conformance scheme.

How To Read This Draft

The words MUST, MUST NOT, SHOULD, SHOULD NOT, and MAY are used in this working draft to express candidate normative intent. Until a released version exists, they do not create public conformance obligations and must not be used to claim that a system is awoss compliant, certified, approved, or independently validated.

This draft is intentionally conservative. It should be read first as an integrated profile and evidence model that joins workspace boundaries, runtime action control, source provenance, sensitive-data handling, logging, validation, governance, and claim limits. Stronger standalone-standard or conformance language must wait until the candidate requirements, evidence model, mapping model, governance process, validator posture, and release rules are validated and revised.

Current draft coverage:

  • Foundation sections are drafted: status, introduction, scope, terms, conformance model, assurance levels, and system boundary.
  • Candidate control families have first-pass Level 1, Level 2, and Level 3 requirements.
  • Evidence, mapping, governance, claim-language, future certification, and appendix sections have first-pass draft content.
  • Appendix C includes compact source-by-source informative mapping entries derived from the detailed source-first and family-first crosswalk notes. They must still be validated, expanded, and governed before any release or public mapping claim. Until that mapping, governance, and claim-review work is complete, awoss should be described as a profile-first standardization effort rather than a released standalone standard.

Table Of Contents

  1. Status Of This Draft
  2. Introduction
  3. Scope
  4. Terms And Definitions
  5. Conformance Model
  6. Assurance Levels
  7. System Boundary And Responsibility Owners
  8. Candidate Control Families
  9. Evidence Model
  10. External Mapping Model
  11. Governance And Change Management
  12. Claim Language
  13. Future Certification Considerations
  14. Changelog
  15. Appendix A: Evidence Artifact Catalogue
  16. Appendix B: Control Family Summary
  17. Appendix C: External Standards Mapping
Previous
Claim limits
Next
Status Of This Draft