EC-Council launches ADG AI framework with 12 controls for governance

EC-Council, the global credentialing body behind the Certified Ethical Hacker (CEH), has unveiled its proprietary Adopt. Defend. Govern. (ADG) AI Framework and a complimentary AI Readiness Self-Assessment Tool. Designed to help organizations securely adopt, operationalize, and govern AI at scale, the framework was developed with input from practitioners and advisory board members at major enterprises including Citi, JPMorgan Chase, Microsoft, KPMG, Deloitte, NTT Data, GE Healthcare, GlobalLogic, Prudential, and Salesforce. The ADG Framework establishes a unified operating model built on three pillars—Adopt, Defend, and Govern—supported by 12 minimum controls, nine governance surfaces, nine deployment overlays, and three autonomy tiers. It directly aligns with global standards such as the EU AI Act, ISO/IEC 42001, and the NIST AI RMF, and references OWASP Top 10 for LLM/Agentic AI and MITRE ATLAS to address technical, societal, operational, and systemic AI risks.

The launch comes amid a widening gap between AI acceleration and accountability. Global AI spending is projected to hit $2.5 trillion in 2026, yet only 1% of leaders believe their AI governance capabilities have reached maturity, and 78% of executives say they would not be confident passing an AI governance audit within the next 90 days. EC-Council’s ADG Framework is a practitioner-led execution engineered for real-world deployment, providing enforceable minimum controls, operational validation standards, and accountability mechanisms for AI systems, agentic environments, multi-model architectures, and LLM ecosystems. Alongside the framework, the free AI Readiness Self-Assessment Tool gives organizations operational visibility into their current governance posture, allowing them to benchmark against the ADG controls and identify gaps before governance failures become systemic liabilities.