EC-Council Launches AI Governance Framework, Readiness Tool for Secure Enterprise AI Adoption
New ADG Framework developed with industry leaders aims to help organisations adopt, secure and govern AI systems at scale
EC-Council’s ADG Framework enables secure, governed AI design through structured controls and accountability
Hyderabad: Cybersecurity certification and training organisation EC-Council has launched a new artificial intelligence governance framework and a free readiness assessment tool designed to help enterprises securely deploy, manage and govern AI systems across their operations.
The newly introduced Adopt. Defend. Govern. (ADG) AI Framework has been developed with contributions from industry practitioners and advisory board members representing organisations including Citi, JPMorgan Chase, Microsoft, KPMG, Deloitte, NTT Data, GE Healthcare, GlobalLogic, Prudential and Salesforce.
According to EC-Council, the framework provides a structured operating model comprising three pillars, 12 minimum controls and nine governance surfaces aimed at helping organisations manage AI adoption while addressing security, compliance and accountability requirements. The framework is aligned with global standards including the EU AI Act, ISO/IEC 42001 and the NIST AI Risk Management Framework.
The launch comes amid rapid growth in enterprise AI adoption. EC-Council cited industry estimates projecting global AI spending to reach $2.5 trillion in 2026 while noting that governance maturity remains limited across organisations deploying AI technologies.
Jay Bavisi, Group President of EC-Council, said organisations are increasingly scaling AI systems faster than they can effectively govern them.
“The ADG Framework was developed to restore operational discipline, establish accountability, and help organisations operationalise AI responsibly before governance failures become systemic business liabilities,” he said.
The framework is organised around three core functions. The “Adopt” pillar focuses on aligning AI deployment with business objectives and organisational readiness. The “Defend” component addresses emerging AI security threats such as prompt injection attacks, adversarial manipulation, data poisoning and AI supply-chain risks. The “Govern” pillar focuses on oversight, auditability, accountability and risk management throughout the AI lifecycle.
Alongside the framework, EC-Council has introduced a free AI Readiness Self-Assessment Tool that enables organisations to evaluate governance maturity, implementation discipline, security posture and operational resilience while generating prioritised implementation roadmaps.
To support workforce readiness, the organisation has also launched three new AI-focused certifications: Certified AI Program Manager (CAIPM), Certified Offensive AI Security Professional (COASP), and Certified Responsible AI Governance and Ethics Professional (CRAGE). These programmes are designed to help professionals develop expertise in AI governance, security testing and responsible AI deployment.
EC-Council said the ADG Framework has been designed as an open, community-driven initiative that organisations can adopt without licensing fees or vendor lock-in, allowing it to evolve alongside emerging AI technologies and governance requirements.
Founded in 2001, EC-Council is best known as the creator of the Certified Ethical Hacker (CEH) programme and has certified more than 400,000 cybersecurity professionals worldwide.
