v0.5.0 — Playbook 24: Board-Ready Scorecard (Executive Layer)
Milestone release. The framework now ships its first executive-layer artifact. Where v0.2.0–v0.4.0 shipped the technical IR lifecycle (proactive · reactive · post-incident), v0.5.0 translates that machinery into board-verifiable posture — closing the gap between what CISOs know and what their boards can ask, audit, and defend.
What's new
- `playbooks/24-board-ready-scorecard.md` (18.3KB · 2,489 words · ~9 min read) — The executive-layer playbook. Introduces a four-domain AI IR scorecard (Containment · Evidence · Governance · Recovery), a 10-item checklist matching Issue #24's structure, a GREEN/AMBER/RED rating rubric, an Executive Incident Snapshot template, a quarterly cadence as governance engine, and the "documentation-ready vs board-ready" distinction.
- README reading order #9 — Playbooks — Now lists all FOUR playbooks (PB01 + PB04 + PB18 + PB24).
Playbook 24 — sections shipped (CONTRIBUTING template compliant)
- Premise — The disconnect between technical IR machinery and executive language; the five enduring board questions that have not changed in twenty years
- First-Hour Actions — The 60-minute Executive Incident Snapshot delivery (baseline pull → GREEN/AMBER/RED rating per domain → top-two-risks identification → snapshot send to board chair + CISO + Counsel + Comms)
- Containment Options — Domain A scorecard items (A1 read-only mode · A2 approvals mode · A3 emergency stoppage), each mapped to Kill-Switch Modes M1/M2/M4 with the GREEN-AMBER-RED test
- Evidence Priorities — Domain B scorecard items (B1 60-minute export SLA · B2 chain-of-custody · B3 action-sequence reconstruction), each mapped to Evidence Set A–F types
- Recovery Sequence — Domain D scorecard items (D1 staged re-enable · D2 recurrence-containment validation), with the Playbook 18 replay test as the acceptance gate
- Post-Incident Hardening — Domain C governance items (C1 tiered permissions · C2 dynamic write-target limits) AND the Quarterly Cadence as Hardening model:
  - Top 3–5 production agents scored quarterly
  - Top two gaps per agent identified
  - One gap closed per quarter (commitment, with owners + deadlines)
  - Board-meeting risk-committee integration
  - Annual maturity-roadmap aggregation
- The Executive Incident Snapshot Template — A one-page board-ready format covering Top agents in scope · Containment readiness · Evidence readiness · Governance boundaries · Recovery readiness · Top two risks (plain language) · Quarterly improvements shipped · Next quarter commitments
- Common Pitfalls — 10 highest-frequency failure modes (jargon briefings · documentation confused with capability · opinion scoring · annual-only reviews · no gap-closure commitment · aggregated single-score posture hiding agents · technical risk language · vague improvement bullets · security theater · no risk-committee tie)
- Key Metrics for Board-Ready Posture — Three measurable floors (TT-read-only < 10 min · TT-evidence-export < 60 min · output-distribution clarity)
- Related — 13 framework cross-references
- The Question to Carry Forward — "If your most advanced AI agent caused harm for 30 minutes, could you demonstrate to leadership today — using concrete evidence rather than opinion — how you would stop it, verify what occurred, define the scope, and restore operations safely?"
Scoring rubric
For each agent, count gaps across the 10 scorecard items:

| Gaps | Rating | Board reading |
|------|--------|---------------|
| 0–3 | Strong baseline | "Capabilities are operational and tested" |
| 4–6 | Exposed | "Documented procedures, unverified capabilities" |
| 7+ | Urgent remediation | "Operating without board-ready IR posture" |
The scoring is deliberately blunt. Boards do not need nuance; they need can-we-or-can't-we.
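As an added illustration (not code from the framework repository), the per-agent gap count, rubric tier, per-domain GREEN/AMBER/RED rating, top-two-risk pick, and the two timing floors from Key Metrics, in one script. Assumptions not stated in the release notes: each item is in one of three states (tested, documented, missing), a "gap" is any item not operationally tested, a domain is GREEN only when every item is tested and RED when any item is missing, and the top-two risks are the worst-rated domains in scorecard order.

```python
"""Per-agent AI IR scorecard calculator (added example; assumptions as noted).
Rubric thresholds 0-3 / 4-6 / 7+ and floors (<10 min, <60 min) come from the
release notes; item states, gap definition and domain test are assumptions."""

TESTED, DOCUMENTED, MISSING = "tested", "documented", "missing"
# The 10 items grouped by domain: A Containment, B Evidence, C Governance, D Recovery.
DOMAINS = {"A": ["A1", "A2", "A3"], "B": ["B1", "B2", "B3"],
           "C": ["C1", "C2"], "D": ["D1", "D2"]}
ALL_ITEMS = [i for ids in DOMAINS.values() for i in ids]


def domain_rating(states):
    """Assumed GREEN/AMBER/RED test: all tested -> GREEN; any missing -> RED;
    otherwise (documented but unverified) -> AMBER."""
    if all(s == TESTED for s in states):
        return "GREEN"
    if any(s == MISSING for s in states):
        return "RED"
    return "AMBER"


def rubric(gaps):
    """Tier from the release-notes rubric; deliberately blunt, no weighting."""
    if gaps <= 3:
        return "Strong baseline"
    if gaps <= 6:
        return "Exposed"
    return "Urgent remediation"


def score_agent(items):
    """items: {'A1': 'tested', ...}. Every item must be present so that an
    omitted item cannot silently inflate the score (documentation != capability)."""
    unscored = [i for i in ALL_ITEMS if i not in items]
    if unscored:
        raise ValueError(f"unscored items: {unscored}")
    gaps = sum(1 for i in ALL_ITEMS if items[i] != TESTED)  # assumption: gap = not tested
    ratings = {d: domain_rating([items[i] for i in ids]) for d, ids in DOMAINS.items()}
    severity = {"RED": 0, "AMBER": 1, "GREEN": 2}
    worst = sorted((d for d in ratings if ratings[d] != "GREEN"), key=lambda d: severity[ratings[d]])
    return {"gaps": gaps, "tier": rubric(gaps), "domains": ratings, "top_two_risks": worst[:2]}


def meets_floors(tt_read_only_min, tt_evidence_export_min):
    """The two measurable floors: time-to-read-only < 10 min, time-to-evidence-export < 60 min."""
    return tt_read_only_min < 10 and tt_evidence_export_min < 60


# Constructed sample agent, not a real scorecard: five items are not yet tested.
SAMPLE_AGENT = {"A1": TESTED, "A2": TESTED, "A3": DOCUMENTED, "B1": MISSING, "B2": DOCUMENTED,
                "B3": TESTED, "C1": DOCUMENTED, "C2": TESTED, "D1": TESTED, "D2": DOCUMENTED}

if __name__ == "__main__":
    print(score_agent(SAMPLE_AGENT), meets_floors(8, 45))
```

Because `score_agent` is called once per agent, the pitfall of an aggregated single score hiding a weak agent does not arise; aggregate only the list of results, never the numbers.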
Crosswalk coverage
Playbook 24 supports the following industry-standard subcategories (11 IDs, all spec-verified):
- NIST AI RMF 1.0: GOVERN 1.4 (continuous improvement), GOVERN 1.6 (AI inventory mechanisms), GOVERN 3.2 (human-AI roles), MANAGE 4.2 (continual improvements)
- NIST CSF 2.0: GV.OV-01 (strategy outcomes reviewed), GV.OV-02 (strategy adjusted to coverage), GV.RR-02 (roles/responsibilities), ID.IM-01 (improvements from evaluations), RC.CO-03 (recovery communication)
- OWASP Agentic Top 10 2026: ASI03 Identity & Privilege Abuse (governance dimension), ASI09 Human-Agent Trust Exploitation (board trust dimension)
Forward-reference closure
Playbook 24 closes both load-bearing multi-file forward references that have existed since v0.1.0:
- ✅ `framework/01-minimum-viable-overlay.md` → `playbook-24` (Board-Ready Scorecard for conformance documentation)
- ✅ `framework/03-maturity-roadmap.md` → `playbook-24` (Board-Ready Scorecard for maturity-level board questions)
What the framework now spans
```text
┌─────────────────────────────┐
│ PB 04 (Proactive)           │ Design BEFORE → v0.3.0
│ Tool Design Is Containment  │
└──────────────▲──────────────┘
               │
┌─────────────────────────────┐
│ PB 01 (Reactive)            │ Respond DURING → v0.2.0
│ Agent Is Privileged Identity│
└──────────────▲──────────────┘
               │
┌─────────────────────────────┐
│ PB 18 (Post-Incident)       │ Harden AFTER → v0.4.0
│ Post-Incident Hardening     │
└──────────────▲──────────────┘
               │
┌─────────────────────────────┐
│ PB 24 (Executive Layer)     │ Translate to BOARD → v0.5.0 🆕
│ Board-Ready Scorecard       │
└─────────────────────────────┘
```
A CISO can now download v0.5.0.zip and present a defensible quarterly AI IR posture briefing to their board within the hour — using the 4-domain scorecard, the 10-item checklist, the GREEN/AMBER/RED rating, and the Executive Incident Snapshot template. The framework is now citable in academic, regulatory, AND boardroom contexts.
What did NOT change
- The four MVO controls
- The Six Triage Questions
- The Kill-Switch Modes M0–M5
- The Minimum Evidence Set A–F
- The four-level Maturity Model
- All 3 crosswalks (NIST AI RMF + NIST CSF 2.0 + OWASP Agentic)
- All templates (AI-BOM, Privilege Matrix)
- All 4 OSS-convention files
- All 5 `.github/` templates
- Apache 2.0 + Trademark Notice in LICENSE
- Playbook 01 (byte-identical to v0.2.0)
- Playbook 04 (byte-identical to v0.3.0)
- Playbook 18 (byte-identical to v0.4.0)
- Branch protection on main (enforced from v0.2.0 onward)
- 100/100 GitHub Community Standards
CITATION.cff
- Top-level `version: "0.5.0"`
- `preferred-citation.version: "0.5.0"`
- `date-released: "2026-06-20"`
Cite this release
Ideji, J. (2026). The AI IR Overlay Framework (v0.5.0). https://github.com/jacobideji/aiiroverlay
Forward references — remaining playbook roadmap
After v0.5.0, 7 playbooks remain, all single-file forward references. Suggested sequence (per the roadmap):
- v0.6.0 — `playbook-03` RAG / Knowledge-Base Forensics (closes Evidence Type C gap)
- v0.7.0 — `playbook-13` Six Metrics (operational measurement; naming continuity with Six Questions and Six Modes)
- v0.8.0 — `playbook-14` Testing for Agent Failure Modes (tabletop / drill content; bridges PB04 to practice)
- v0.9.0 — `playbook-12` Insider Threat 3.0 (different threat-model angle)
- v0.10.0 — `playbook-15` Records, Retention, and Proving What Happened (regulator-facing depth)
- v0.11.0 — `playbook-20` Operating Cadence (Maturity Level 3–4 transitional)
- v0.12.0 — `playbook-23` Multi-Stakeholder Logging and Privacy (privacy/legal complement)
- v1.0.0 — Framework complete (11 playbooks · 3 crosswalks · all forward references resolved)
Acknowledgments
The thesis behind this playbook — that AI risk only becomes governance when measured, tracked, and reported with the same discipline organizations bring to financial controls — comes from Issue #24 of the AI IR Overlay LinkedIn newsletter. v0.5.0 makes that discipline enforceable through the four-domain scorecard, the quarterly cadence as governance engine, and the documentation-ready-versus-board-ready test.
The framework now has the complete cross-layer coverage to claim:
Any AI incident can be prepared for (PB04), responded to (PB01), closed defensively (PB18), and reported credibly to leadership (PB24) — using framework artifacts that exist in the repository, with industry-standard citations and measurable acceptance criteria at every stage.