VV.E.N.K.A.T Framework

Practitioner & Certification Suite

From architecture intent to certifiable evidence

A field guide for adopting V.E.N.K.A.T, measuring maturity, proving control effectiveness, and certifying a bounded agentic-AI system.

Start the lifecycleOpen control catalog

How to use the suite

Certify a defined system, not an aspiration

Define the assessment boundary before scoring: business capability, agents and models, data products, event channels, spatial services, knowledge stores, tools and APIs, people, vendors, environments, and jurisdictions. Record exclusions and interfaces as explicit risks.

The suite is usable for self-assessment, architecture governance, procurement assurance, internal audit, and independent certification. Tailoring may add controls; it must not silently remove mandatory gates.

  1. Baseline. Assess current maturity and control design.
  2. Target. Set risk-based maturity and control objectives.
  3. Roadmap. Close prioritized gaps with accountable work.
  4. Evidence. Test operating effectiveness, not document existence.
  5. Certify. Apply the 85% threshold and critical gates.
  6. Sustain. Monitor, reassess annually, and react to material change.

TOGAF ADM-aligned

Adoption lifecycle

The mapping complements TOGAF: ADM structures enterprise change; V.E.N.K.A.T supplies agentic-AI capability and assurance detail.

P

Preliminary

Purpose: establish mandate, scope, principles, roles, risk appetite, evidence repository, and assessment method.

Exit: approved charter, RACI, boundaries, tailoring record, and assessor independence criteria.

A

Architecture Vision

Purpose: define outcomes, stakeholders, autonomy boundaries, value hypothesis, and target maturity.

Exit: signed vision, system context, benefit measures, and initial risk classification.

B

Business Architecture

Purpose: map decisions, events, policies, accountable owners, human escalation, and operational resilience.

Exit: capability map, decision rights, process impacts, and critical-use-case inventory.

C

Information Systems

Purpose: design V, E, N, and K capabilities: contracts, lineage, streams, spatial models, graph semantics, and access.

Exit: data/application architectures, quality SLOs, schemas, and traceability.

D

Technology Architecture

Purpose: design A and T runtime controls, tool gateways, identity, observability, isolation, rollback, and recovery.

Exit: deployment architecture, threat model, control allocation, and nonfunctional requirements.

E

Opportunities & Solutions

Purpose: package work, pilots, dependencies, procurement, and transition architectures.

Exit: solution concept, work packages, transition states, and evidence plan.

F

Migration Planning

Purpose: prioritize gaps by risk and value; fund owners, milestones, acceptance criteria, and residual risk.

Exit: approved roadmap, benefits plan, risk treatment, and target dates.

G

Implementation Governance

Purpose: verify conformance through design reviews, test evidence, exceptions, release gates, and pilot monitoring.

Exit: control results, accepted exceptions, readiness decision, and traceable evidence pack.

H

Architecture Change

Purpose: monitor outcomes, drift, incidents, suppliers, regulations, and material-change triggers.

Exit: dashboard reviews, improvement backlog, reassessment decisions, and updated baseline.

R

Requirements Management

Continuous: trace business outcomes, risks, controls, tests, evidence, gaps, exceptions, and roadmap items throughout every phase.

Layer playbooks

Guidance and certification tests for V, E, N, K, A, and T

Each playbook ties rationale to executable work, accepted standards, evidence, measures, and a testable certification claim. Control IDs link to the catalog.

V

Verified Data

Agents cannot make defensible decisions from unknown, stale, biased, or untraceable facts.

Activities & standards

  • Inventory decision-critical data; assign accountable owners and classifications.
  • Publish versioned contracts, validation rules, lineage, retention, and quality SLOs.
  • Control training, retrieval, prompt, and output data; test bias and privacy.
  • Align to DAMA-DMBOK, DCAT, ISO/IEC 25012, ISO/IEC 27001, and applicable privacy rules.

Checklist & evidence

  • Contracts cover required fields, semantics, provenance, timeliness, and permitted use.
  • Evidence: catalog exports, lineage graphs, quality runs, access reviews, issue tickets, reconciliation samples.
  • Metrics: critical-element pass rate, freshness SLO attainment, unresolved defect age, lineage coverage.

Certification tests

  1. Sample critical decisions and trace every input to source and owner.
  2. Inject invalid/stale data and verify quarantine or safe degradation.
  3. Reconcile sampled records and confirm access/retention enforcement.

Verified Data meaning & quality guide · Controls V-01–V-04

E

Event-Driven Architecture

Autonomy needs timely, ordered, attributable signals and predictable failure behavior.

Activities & standards

  • Define business events, producers, consumers, schemas, keys, ordering, replay, and ownership.
  • Engineer idempotency, dead-letter handling, back-pressure, observability, recovery, and version compatibility.
  • Use CloudEvents, AsyncAPI, OpenTelemetry, schema registries, and platform security standards.

Checklist & evidence

  • Critical streams have SLOs, runbooks, retention, replay authorization, and consumer impact analysis.
  • Evidence: schemas, compatibility checks, trace views, recovery exercises, lag and DLQ reports.
  • Metrics: end-to-end latency, delivery success, duplicate rate, consumer lag, recovery time.

Certification tests

  1. Trace a production-like event from source through action and audit record.
  2. Test duplicate, late, malformed, and out-of-order events.
  3. Demonstrate outage recovery and controlled replay without duplicate harm.

Event-Driven Architecture technology guide · Controls E-01–E-04

N

Native Spatial Intelligence

Distance, topology, jurisdiction, movement, and uncertainty can change the safety and legality of an action.

Activities & standards

  • Model coordinate reference systems, precision, time, topology, networks, geofences, and jurisdiction.
  • Validate routing constraints, location privacy, spatial joins, uncertainty, and degraded positioning.
  • Use OGC/ISO geospatial standards, GeoJSON, WGS 84/EPSG definitions, and domain routing rules.

Checklist & evidence

  • Every spatial decision records source, timestamp, CRS, precision, and relevant constraints.
  • Evidence: topology tests, route benchmarks, geofence cases, map/service metadata, privacy review.
  • Metrics: positional error, route feasibility, geofence false alerts, spatial-service availability.

Certification tests

  1. Run boundary, CRS, stale-position, and restricted-zone scenarios.
  2. Compare sampled routes to authoritative constraints and human review.
  3. Verify privacy transformations and fallback when location confidence is low.

Native Spatial Intelligence technology guide · Controls N-01–N-04

K

Knowledge Graphs

Connected reasoning must preserve meaning, provenance, authorization, and temporal truth.

Activities & standards

  • Define competency questions, ontology ownership, identity resolution, provenance, and temporal semantics.
  • Validate graph constraints, inference rules, source confidence, access boundaries, and change impact.
  • Use RDF, OWL, SHACL, SPARQL, PROV-O, SKOS, or governed property-graph equivalents.

Checklist & evidence

  • Claims are source-linked; inferred facts are distinguishable; sensitive subgraphs are protected.
  • Evidence: ontology versions, SHACL reports, query tests, provenance samples, access reviews.
  • Metrics: constraint conformance, entity-resolution precision, provenance coverage, stale-claim rate.

Certification tests

  1. Answer representative competency questions and trace claims to evidence.
  2. Insert conflicting and unauthorized relationships; verify detection and denial.
  3. Test ontology migration and time-aware reasoning on historical facts.

Knowledge Graphs technology guide · Controls K-01–K-04

A

AI Orchestration

Agent autonomy must be bounded, observable, interruptible, and recoverable across models and tools.

Activities & standards

  • Register agents, models, prompts, tools, permissions, budgets, owners, and intended uses.
  • Enforce least privilege, approvals, deterministic policy checks, timeouts, rollback, and human escalation.
  • Evaluate quality, adversarial behavior, model/tool change, and failure cascades using NIST AI RMF and ISO/IEC 42001 practices.

Checklist & evidence

  • Each consequential action has identity, inputs, rationale, policy result, tool call, output, and outcome.
  • Evidence: registry, eval results, traces, approval logs, red-team reports, rollback drills.
  • Metrics: task success, unsafe-action blocks, override rate, rollback success, cost/latency, escalation SLA.

Certification tests

  1. Attempt prohibited and out-of-scope tool calls; verify deny-by-default.
  2. Test prompt injection, excessive agency, tool failure, budget breach, and emergency stop.
  3. Replay sampled actions from immutable logs and verify accountable approval.

AI Orchestration technology guide · Controls A-01–A-05

T

Trust & Governance

Accountability, security, safety, compliance, and recourse must wrap every layer and lifecycle phase.

Activities & standards

  • Establish governance bodies, accountable owners, risk tiers, policies, segregation of duties, and exception authority.
  • Perform threat, privacy, safety, impact, supplier, resilience, and regulatory assessments.
  • Align to ISO/IEC 42001, 23894, 27001, 27701, NIST AI RMF/CSF, and applicable law.

Checklist & evidence

  • Users receive notice and recourse; incidents have playbooks; exceptions expire; evidence is tamper-evident.
  • Evidence: minutes, risk register, impact assessments, access reviews, incidents, training, exception decisions.
  • Metrics: control pass rate, incident severity/time-to-contain, overdue risks, exception age, recourse SLA.

Certification tests

  1. Trace sampled risks to owner, treatment, control, test, and residual acceptance.
  2. Exercise incident response, audit reconstruction, user challenge, and kill switch.
  3. Verify mandatory training, independent oversight, supplier obligations, and exception expiry.

Trust & Governance technology guide · Controls T-01–T-06

Maturity model

Foundation, Managed, and Optimized

1

Foundation

Scope and owners are known; minimum architecture and mandatory controls are designed; critical workflows are documented and tested before production.

  • Manual evidence is acceptable if repeatable and approved.
  • Metrics establish baselines.
  • Exceptions are visible, owned, and time-bound.

2

Managed

Controls operate consistently across environments with assigned SLOs, integrated telemetry, periodic testing, and portfolio governance.

  • Evidence collection and traceability are substantially automated.
  • Trends drive funded remediation.
  • Suppliers and changes follow the same gates.

3

Optimized

Continuous control monitoring, adaptive thresholds, predictive risk signals, cross-system learning, and independently validated improvements are institutionalized.

  • Near-real-time assurance detects drift.
  • Metrics demonstrate business and risk outcomes.
  • Lessons measurably improve architecture and controls.
Rating rule: rate each layer at the highest level for which all stated characteristics are evidenced. Overall maturity is the lowest rating among critical in-scope layers; averages may be reported separately but cannot hide a weak dependency.

Assurance workflow

Internal readiness, then independent certification

1

Prepare

Appoint an assessment owner; freeze scope and control version; complete baseline, target, gap, roadmap, risks, exceptions, and evidence index.

2

Self-assess

Control owners test design and operation, attach evidence, calculate scores, remediate failures, and disclose unresolved issues.

3

Internal challenge

A team independent of implementation samples evidence, reruns critical tests, validates scoring, and issues a readiness decision.

4

Independent assess

A qualified assessor confirms scope, samples controls and transactions, interviews owners, observes tests, and records findings without management influence.

5

Decide

Certification authority reviews the assessment report, score, gate results, exceptions, and residual risks; it grants, conditionally grants, or denies certification.

6

Monitor

Publish certification boundary, level, version, date, conditions, and expiry; continuously monitor commitments and reassessment triggers.

Scoring

Score each applicable control: 0 = absent, 1 = designed, 2 = partially operating, 3 = consistently effective. Weighted score = earned points ÷ available points × 100. Exclusions require documented applicability rationale and assessor approval.

Pass

At least 85% overall and by every critical layer, with all mandatory critical controls effective (score 3), no open critical finding, and no expired exception.

Conditional

Only for noncritical deficiencies when the threshold and all gates pass. Conditions need an owner, deadline, monitoring, and authority approval; they cannot waive a mandatory gate.

Fail

Any failed mandatory gate, open critical finding, unreliable evidence, scope misstatement, or score below threshold denies or suspends certification.

Use the certification report templateReview the worked logistics example

Keep assurance current

Annual and material-change reassessment

Full reassessment is required at least annually. Certification expires after 12 months unless renewed; surveillance should review dashboards, incidents, exceptions, and roadmap commitments at least quarterly.

Material-change triggers

  • New or materially changed model, agent, prompt architecture, tool, or autonomy level
  • New decision type, population, geography, regulation, data source, or sensitive-data use
  • Major platform, ontology, event schema, spatial model, vendor, or access-control change
  • Severe incident, control failure, unexpected harm, sustained drift, or missed SLO
  • Change to certification scope, accountable ownership, risk appetite, or mandatory standard

A trigger initiates impact triage immediately. The certification authority decides whether targeted testing is sufficient or certification must be suspended pending full reassessment.

Practitioner resources

Put the method to work

Study guide & skills path

Build mastery through six layer modules, hands-on labs, a 12-week plan, knowledge checks, and role-based certification choices.

Open study guide

Control catalog

Assess design and operating effectiveness with ownership, evidence, scoring, findings, and remediation fields.

Open catalog

Artifact templates

Copy-ready structures for baseline, target, gap, roadmap, evidence, risk, exception, dashboard, and certification.

Open templates

Logistics mock certification

A worked 50-truck dispatch example showing scores, gate results, findings, and the decision.

Open pilot