Control Dependency Governance

2. Summary

Control Dependency Governance requires that organisations formally record, validate, and maintain the dependency relationships between governance controls — where one control assumes, requires, strengthens, or weakens another. A governance framework with hundreds of controls inevitably contains controls that depend on one another: AG-001 (Operational Boundary Enforcement) is a precondition for nearly every other control; AG-007 (Governance Configuration Control) underpins all controls that rely on versioned configuration artefacts. Without formal dependency governance, these relationships remain implicit, creating the risk that disabling, degrading, or failing to implement one control silently undermines others. The dependency graph MUST be a versioned, validated artefact that is consulted during implementation planning, conformance assessment, and incident analysis.

3. Example

Scenario A — Untracked Dependency Causes Cascading Non-Conformance: An organisation implements AG-022 (Behavioural Drift Detection) for its customer-facing agent, achieving Score 3 conformance with independent adversarial testing. However, the drift detection system relies on behavioural baselines that are stored and versioned through the mechanism governed by AG-007 (Governance Configuration Control). When the operations team migrates the configuration store to a new platform, the migration introduces a 72-hour gap during which baseline versions are not immutable. During this window, the drift detection system updates its baselines using corrupted telemetry data from a deployment error. The baselines shift silently. Drift detection continues to report "no drift" because the corrupted baselines are now the reference. The dependency between AG-022 and AG-007 was never formally recorded, so the migration team did not consult the governance team about the impact on drift detection.

What went wrong: The dependency AG-022 → AG-007 was implicit. The migration team had no way to discover that their change to the configuration store affected drift detection integrity. Consequence: 6 weeks of false-negative drift detection, undetected behavioural change in the customer-facing agent resulting in 1,247 non-compliant customer interactions, regulatory notification required under GDPR Article 33, £180,000 in remediation and notification costs.

Scenario B — Circular Dependencies Block Implementation: An organisation attempting to implement controls AG-153 (Control Efficacy Measurement) and AG-056 (Independent Validation) discovers that its implementation of AG-153 requires AG-056 outputs to calibrate efficacy metrics, while AG-056 requires AG-153 outputs to scope validation activities. Neither team can proceed because each is waiting for the other's outputs. The circular dependency was not detected during planning because no dependency graph existed. After 4 months of stalled implementation, both teams independently create stub implementations that satisfy their respective inputs — but neither stub provides meaningful data. Both controls pass conformance assessment at Score 2 while providing no actual governance value.

What went wrong: A circular dependency existed between the two controls' implementations (not their logical definitions). Without a dependency graph that distinguishes logical dependencies from implementation dependencies, the circular relationship was invisible until it blocked progress. Consequence: 4 months of implementation delay, two controls at Score 2 providing no governance value, £210,000 in wasted implementation effort.

Scenario C — Weakening Relationship Not Recorded Produces False Assurance: An organisation implements AG-158 (Standard Evolution and Emergency Update) with an aggressive auto-update mechanism that applies standard changes within 24 hours. The same organisation has AG-219 (Control Taxonomy Governance) implemented with quarterly review cycles. When AG-158 triggers an emergency taxonomy restructuring, the auto-update modifies the taxonomy before the quarterly review can validate the change. The rapid update weakens AG-219's change-control guarantees, but this weakening relationship is not recorded in any dependency register. Conformance assessment reports both controls as Score 2, concealing the fact that AG-158's implementation actively undermines AG-219's integrity.

What went wrong: The weakening relationship (AG-158 implementation can weaken AG-219 guarantees under specific conditions) was not recorded. Dependency governance would have required documenting this relationship and implementing safeguards. Consequence: Quarterly taxonomy review rendered ineffective by uncontrolled emergency updates, false assurance in conformance reports.

4. Requirement Statement

Scope: This dimension applies to every organisation that implements two or more controls from the Agent Governance Standard. Even a minimal implementation of two controls may involve a dependency — for example, any control that relies on versioned configuration depends on AG-007. The scope covers four relationship types: (1) "requires" — Control A cannot function without Control B being implemented; (2) "assumes" — Control A's design assumes Control B is present and functioning, but can operate in a degraded mode without it; (3) "strengthens" — implementing Control A increases the effectiveness of Control B; (4) "weakens" — under specific conditions, Control A's implementation can reduce the effectiveness of Control B. The scope extends to implementation-level dependencies (where one control's technical implementation depends on another's infrastructure) as well as logical dependencies (where one control's governance objective assumes another's objective is met).

4.1. A conforming system MUST maintain a formal dependency register recording all known dependency relationships between implemented controls, specifying the relationship type (requires, assumes, strengthens, weakens) and the nature of the dependency.

4.2. A conforming system MUST validate the dependency register against the actual implementation on at least a quarterly basis, verifying that required dependencies are satisfied and that weakening relationships have documented mitigations.

4.3. A conforming system MUST perform a dependency impact assessment before any control is modified, disabled, or decommissioned, identifying all controls that depend on the affected control and evaluating the impact on their effectiveness.

4.4. A conforming system MUST reject or flag for senior governance review any change that would break a "requires" dependency — i.e., disabling or degrading a control on which another implemented control depends.

4.5. A conforming system MUST include dependency relationship verification in conformance assessments, confirming that each control's required dependencies are implemented and effective at the time of assessment.

4.6. A conforming system SHOULD represent dependencies as a directed graph enabling automated cycle detection, impact analysis, and topological ordering for implementation planning.

4.7. A conforming system SHOULD generate automated alerts when telemetry indicates that a dependency source control (the control depended upon) has degraded below its required effectiveness level.

4.8. A conforming system MAY implement dependency strength scoring — quantifying the degree to which one control depends on another, enabling prioritised impact analysis when a control degrades.

5. Rationale

Governance frameworks do not consist of independent controls. Controls interact — they assume one another, reinforce one another, and under certain conditions undermine one another. These interactions are a form of coupling, and like all coupling in complex systems, they must be managed explicitly or they will produce unexpected failures.

The Agent Governance Standard contains controls that form long dependency chains. AG-001 (Operational Boundary Enforcement) is a precondition for most other controls — if agents cannot be bounded, monitoring, logging, and drift detection have no reference frame. AG-007 (Governance Configuration Control) is depended upon by every control that stores configuration in a versioned artefact. AG-219 (Control Taxonomy Governance) is depended upon by every control that relies on correct applicability classification. These chains create transitive exposure: a failure in AG-007 can propagate through every control that depends on versioned configuration.

Without explicit dependency governance, three failure modes are predictable. First, cascading non-conformance: disabling or degrading one control silently undermines multiple dependent controls. Second, implementation ordering errors: teams attempt to implement controls before their prerequisites are in place, leading to stub implementations that pass assessment but provide no value. Third, false assurance: conformance assessments evaluate controls in isolation, missing the fact that a control scored at 3 is ineffective because its prerequisite is scored at 0.

Dependency governance makes these relationships visible, trackable, and assessable. It is a meta-governance function — governance of the governance framework's internal structure.

6. Implementation Guidance

The dependency register should be implemented as a directed graph where nodes are controls and edges are typed dependency relationships. Each edge should record: the source control (the control that depends), the target control (the control depended upon), the relationship type (requires, assumes, strengthens, weakens), a description of the specific dependency, and for "weakens" relationships, the conditions under which weakening occurs and the mitigation in place.

Recommended patterns:

• Graph-based dependency registry. Maintain the dependency graph in a graph database or structured data format (e.g., adjacency list in JSON/YAML). Implement automated queries for: transitive dependency resolution (all controls that transitively depend on a given control), cycle detection (circular dependencies that need resolution), and impact analysis (all controls affected by a change to a given control). The graph should be versioned alongside the taxonomy (AG-219).
• Dependency-aware conformance assessment. Extend conformance assessments to include dependency verification. Before scoring a control, verify that all its "requires" dependencies are implemented and effective. A control with an unmet "requires" dependency cannot score above 1 regardless of its own implementation quality. This prevents false assurance from isolated control assessment.
• Implementation topological ordering. When planning a new implementation or major upgrade, topologically sort the dependency graph to determine implementation order. Controls with no dependencies are implemented first; controls that depend on others are implemented after their dependencies. This eliminates the stub-implementation pattern where teams build placeholders to unblock parallel work.
• Degradation cascade monitoring. Integrate dependency data with control health monitoring. When a control's effectiveness drops below a threshold, automatically identify all dependent controls and generate alerts for their owners. For example, if AG-007 effectiveness drops due to a configuration store outage, all controls that depend on AG-007 should receive automated notifications.

Anti-patterns to avoid:

• Prose-only dependency documentation. Dependencies documented in prose ("AG-022 relies on AG-007 for baseline versioning") are not machine-queryable and will not be consulted during incident response or change management. Dependencies must be structured data enabling automated analysis.
• Ignoring weakening relationships. Most organisations track positive dependencies (requires, strengthens) but ignore weakening relationships. Weakening relationships are the most dangerous because they create conditions where one control's correct operation undermines another's — and this will not be detected by testing either control in isolation.
• Assuming dependencies are static. Dependencies change as implementations evolve. A control that originally had no dependency on AG-007 may acquire one when its implementation is refactored to use a versioned configuration store. Dependency validation must be periodic, not one-time.
• Conflating logical and implementation dependencies. A logical dependency ("drift detection logically requires a baseline") is different from an implementation dependency ("our drift detection service calls the AG-007 configuration API"). Both must be tracked, but implementation dependencies are more fragile and change more frequently.

Maturity Model

Basic Implementation — The organisation has documented a dependency register listing all known relationships between implemented controls. The register specifies relationship types and dependency descriptions. Dependency impact is assessed manually before control changes. The register is reviewed quarterly. Dependencies are validated manually during conformance assessments by checking that prerequisite controls are implemented.

Intermediate Implementation — The dependency register is maintained as a directed graph in a machine-readable format. Automated cycle detection, transitive dependency resolution, and impact analysis are available. Conformance assessments automatically verify dependency satisfaction — controls with unmet "requires" dependencies are capped at Score 1. Dependency data is integrated with change management: control changes trigger automated impact reports listing all affected dependent controls. Degradation alerts propagate through the dependency graph.

Advanced Implementation — All intermediate capabilities plus: dependency relationships are validated continuously through automated testing that verifies not just logical dependency but implementation-level dependency (e.g., confirming that the drift detection service can actually reach the configuration API it depends on). Weakening relationships are monitored with specific test cases that detect when weakening conditions are active. The dependency graph is independently audited annually. Dependency strength scoring enables prioritised remediation when multiple dependencies are affected simultaneously.

7. Evidence Requirements

Required artefacts:

• Dependency register. The current dependency graph showing all recorded relationships between implemented controls, with relationship types, descriptions, and for weakening relationships, conditions and mitigations. Format: structured data (graph export, JSON, YAML) plus a human-readable rendering.
• Dependency validation records. Results of the most recent quarterly dependency validation, showing: dependencies verified as satisfied, dependencies found unsatisfied, and remediation actions taken.
• Impact assessment records. For each control change in the assessment period, the dependency impact assessment performed before the change, showing affected controls and the evaluation of impact.
• Conformance dependency verification. For each control assessed, evidence that its "requires" dependencies were verified as implemented and effective at the time of assessment.

Retention requirements:

• Dependency register versions and validation records: minimum 7 years for regulated financial services; minimum 5 years for other regulated sectors; minimum 3 years otherwise.

Access requirements:

• Producible to regulators or auditors within 48 hours of request.

8. Test Specification

Test 8.1: Dependency Register Completeness

• Stimulus: For each implemented control, review its specification and implementation to identify all actual dependencies. Compare identified dependencies against the dependency register.
• Expected behaviour: All actual dependencies are recorded in the register.
• Pass criteria: Zero unrecorded dependencies for all sampled controls (minimum sample: 20% of implemented controls or 10 controls, whichever is greater).
• Fail criteria: Any actual dependency is missing from the register.

Test 8.2: Dependency Version Immutability

• Stimulus: Retrieve a historical version of the dependency register. Compare it against the archived version.
• Expected behaviour: Historical versions are immutable.
• Pass criteria: Bit-for-bit match for all tested historical versions.
• Fail criteria: Any historical version has been modified after publication.

Test 8.3: Impact Assessment Enforcement

• Stimulus: Attempt to modify a control that has dependent controls in the register without performing a dependency impact assessment.
• Expected behaviour: The change is blocked or flagged for senior governance review.
• Pass criteria: The system prevents or escalates the change until an impact assessment is completed and approved.
• Fail criteria: The control change proceeds without a dependency impact assessment.

Test 8.4: Cascading Dependency Break Detection

• Stimulus: Simulate the failure of a foundational control (e.g., AG-007) that has multiple transitive dependents. Verify that all transitively dependent controls are identified and alerted.
• Expected behaviour: The system identifies all directly and transitively dependent controls and generates appropriate alerts or status changes.
• Pass criteria: 100% of transitively dependent controls are identified. Alerts are generated within the defined SLA (e.g., 1 hour).
• Fail criteria: Any transitively dependent control is not identified, or alerts are not generated within the SLA.

Test 8.5: Circular Dependency Detection

• Stimulus: Introduce a circular dependency into the register (Control A requires Control B, Control B requires Control A). Attempt to commit the change.
• Expected behaviour: The cycle is detected and flagged before the change is committed.
• Pass criteria: The circular dependency is reported with the specific cycle path. The change requires explicit acknowledgement and mitigation plan before commitment.
• Fail criteria: The circular dependency is committed without detection or flagging.

Test 8.6: Conformance Score Capping for Unmet Dependencies

• Stimulus: Assess a control whose "requires" dependency is not implemented. Attempt to assign it a conformance score above 1.
• Expected behaviour: The assessment system caps the score at 1 and records the unmet dependency as the reason.
• Pass criteria: The control cannot score above 1 with an unmet "requires" dependency. The scoring rationale explicitly references the unmet dependency.
• Fail criteria: A control with an unmet "requires" dependency receives a score above 1.

Conformance Scoring

• Score 0: No dependency tracking exists — control relationships are entirely implicit.
• Score 1: Dependencies are documented in prose or spreadsheet form but are not machine-readable, not validated periodically, and not integrated with change management or conformance assessment.
• Score 2: The dependency register is machine-readable and versioned, validated quarterly, integrated with change management (impact assessments required before control changes), and integrated with conformance assessment (dependency verification is part of the assessment process).
• Score 3: Verified by independent audit — an independent party has validated the register's completeness, the impact assessment process, and the conformance integration, and continuous automated dependency health monitoring is operational.

9. Regulatory Mapping

Regulation	Provision	Relationship Type
EU AI Act	Article 9 (Risk Management System)	Supports compliance
EU AI Act	Article 17 (Quality Management System)	Supports compliance
ISO 42001	Clause 8.2 (AI Risk Assessment)	Supports compliance
NIST AI RMF	GOVERN 1.2, MANAGE 2.3	Supports compliance
SOX	Section 404 (Internal Controls)	Supports compliance
FCA SYSC	6.1.1R (Systems and Controls)	Supports compliance
DORA	Article 5 (ICT Risk Management Governance)	Supports compliance

EU AI Act — Article 9 (Risk Management System)

Article 9 requires a risk management system that identifies risks and implements mitigation measures. Control dependency governance ensures that mitigation measures do not have untracked dependencies on one another — a mitigation that depends on another mitigation that is not implemented provides no actual risk reduction. Dependency governance is the mechanism by which the organisation verifies that its risk mitigation architecture is internally consistent.

ISO 42001 — Clause 8.2 (AI Risk Assessment)

Clause 8.2 requires AI risk assessment to consider the interdependencies between controls within the AI management system. AG-220 provides the structured mechanism for recording and validating these interdependencies, ensuring that risk assessments account for cascading failures where one control's degradation undermines others.

SOX — Section 404

SOX auditors assess internal controls as a system, not as isolated mechanisms. A control that depends on another control that is deficient is itself deficient — this is the concept of "compensating controls" in SOX auditing. AG-220 provides the dependency map that auditors need to trace control relationships and evaluate systemic control effectiveness. Without it, the auditor must independently discover dependencies — a process that is incomplete and inconsistent.

10. Failure Severity

Field	Value
Severity Rating	High
Blast Radius	Organisation-wide — affects the integrity and reliability of the entire governance framework

Consequence chain: Without dependency governance, disabling or degrading one control can silently undermine multiple other controls without detection. The immediate failure mode is cascading non-conformance — a chain of controls that appear individually compliant but are collectively ineffective because a shared dependency is unmet. The downstream consequence is false assurance: conformance reports show high scores while actual governance effectiveness is degraded. The ultimate business consequence surfaces during incidents, when the organisation discovers that controls it relied upon were ineffective because their prerequisites were not in place. In regulated sectors, this maps to systemic control failure — a finding that the governance framework as a system was inadequate, not merely that an individual control failed.

Cross-references: AG-219 (Control Taxonomy Governance) provides the control set within which dependencies are tracked. AG-007 (Governance Configuration Control) is a frequently-depended-upon control whose health affects many others. AG-153 (Control Efficacy Measurement) provides the effectiveness metrics that dependency validation consumes. AG-222 (Conformance Profile Governance) must account for dependencies when defining conformance profiles. AG-056 (Independent Validation) should include dependency verification in its validation scope.