Status Of This Draft

This document is the canonical working-draft entrypoint for awoss, the Agentic Workspace Security Standard. The current public posture is profile-first: awoss may be used as an integrated crosswalk, candidate control profile, and evidence model, but not as a released standalone standard, certification, or compliance framework.

This draft is mutable. It may change substantially as candidate controls are expanded, mapped to external sources, tested against example systems, reviewed for implementability, and revised for governance and claim safety.

This draft does not establish:

• a released standard version
• a public conformance profile
• a legal compliance profile
• a certification program
• an auditor or validator program
• approval or endorsement by any external standards body
• equivalence to any referenced external standard

Working-draft users may use this document to structure internal analysis, design reviews, control mapping, and evidence collection experiments. They must describe that use with bounded language such as:

• "informed by awoss candidate controls"
• "maps to selected awoss candidate controls"
• "supports evidence for selected awoss candidate controls"
• "implements selected candidate controls for a named system boundary"

Working-draft users must not claim that a system is:

• awoss compliant
• awoss certified
• awoss approved
• secure because it uses awoss

The intended next validation steps are:

• complete the broader post-crosswalk rework for evidence language, mapping language, claim limits, and family boundaries
• validate and expand the source-by-source mapping appendix against the detailed source-first and family-first crosswalk notes
• review requirements for implementability across multiple runtime and workspace models
• define release, errata, and governance rules before any public version is labeled as released