The Trusted AI OS: how the platform works

The Trusted AI OS is a five-step lifecycle that takes an AI agent from initial discovery through ongoing re-certification. Three working layers span Governance, Operating Model, and Runtime, and every step produces structured evidence that feeds a regulator-ready Trust Record.

Step 1: Discover

Inventory every AI agent in your estate. Classify agents by type (Autonomous, Copilot, Workflow), capture the data they touch, the tools they call, and the humans they loop in. Build the AI register your regulator expects.

Step 2: Assess

Run the Agentic Security Assessment against the 42-risk Agentic Risk Matrix. Identify critical gaps across permissions, oversight, data protection, and supply chain. Map findings to MAS FEAT, IMDA AI Verify, PDPA, and ISO 42001.

Step 3: Remediate

Work through a prioritised remediation log. Each finding carries a severity rating, a mapped framework control, and a recommended fix. Track progress in the Protum workspace and generate evidence artefacts as you close each item.

Step 4: Certify

Issue a signed Trust Record for each assessed agent. The Trust Record carries the trust score, risk domain assessments, compliance mappings, and a link to the public verification endpoint. Apply for the Protum certification mark to signal trustworthiness to buyers and regulators.

Step 5: Monitor and Re-certify

Deploy the runtime SDK to capture live behavioural envelopes. Detect drift, misuse patterns, and novel attack types in production. Trigger re-certification when an agent changes materially so the Trust Record stays current.

Start with a Free Assessment