RM Risk Mandate
Autonomous Risk Management

Agents act.
You own the risk.

Risk Mandate maps every autonomous system to its blast radius, assigns a business owner, and drives a time-bound decision — accept, fund, or fix.

NIST SP 800-53EU AI Act Art.14FedRAMP ReadyISO 27001
risk-mandate · risk-queue LIVE
1
Unaddressed
0
Info Req.
2
Accepted
74
Risk score
RISK QUEUE · 1 UNADDRESSED

↑ Interactive — click a risk record, then act on it

The category

Every risk discipline has a layer. Agent risk is the missing one.

Credentials, data, infrastructure, vendors — each has an owner, a register, and a decision process. Autonomous systems act with real authority and answer to none of them. Risk Mandate is the business risk layer for autonomous systems: map, accept, fund, and reduce.

Lethal Trifecta

Three properties. Together, immediately exploitable.

Severity isn't in any one finding — it's in the combination. When a single agent holds all three, untrusted input can drive a privileged action straight to an external destination.

Untrusted Input
Web, tickets, emails
+
Sensitive Data
PII, financial, customers
+
Exfiltration
SMTP, APIs, webhooks
=
CRITICAL
3/3 trifecta
Four Pillars

Discovery is table stakes. Remediation is the moat.

Anyone can list your agents. The work that matters is what comes after the list — and that work is a risk decision, not a longer report.

01 · Map

Blast radius

Discover every agent and trace what it can actually reach — systems, data, secrets, external destinations.

02 · Accept

Time-bound decision

A named owner accepts the residual risk for a defined window. No deny button — accept, and revisit on expiry.

03 · Fund

Pay for the fix

Acceptance manufactures budget and ownership: to keep running, someone funds the reduction.

04 · Reduce

Net-lower-risk

Every fix has its own blast radius. The goal is to leave the system measurably safer — sometimes a control, not a code change.

Risk Acceptance

Hope vs. enforce.

Most agent "controls" are intentions the stack can't enforce. Risk Mandate separates what's actually enforceable from what's merely hoped — then puts a clock, an owner, and a budget on the gap.

How long, who owns it, what's funded.

Code freeze during incidentHOPE
Scoped read-only token (TTL 4h)ENFORCED
"Don't touch production"HOPE
Human approval on DDLENFORCED
Prompt: "act responsibly"HOPE
Network egress allow-listENFORCED
CAPABILITY CERTIFICATE · ACTIVE● VALID
Issued byRisk Mandate CA · RSA-PSS 4096
SubjectMND-0442 · agent.finance
MayMinimum required access · TTL 4h
OwnerVP Finance Risk
Not permittedpayment-auth · prod-write
Expires+4h · auto-revoke
Owner · Justification · Expiry · Funding — every grant, signed and time-boxed.
Capability Certificates

Minimum access, signed and expiring.

Standing power nobody remembers approving is how agents become dangerous. A capability certificate grants the minimum required access, names the owner and justification, and auto-revokes on expiry. Authorisation becomes a fact, not a hope.

Pricing

Four tiers. Value at every stage.

Community
Free
  • Agent inventory
  • Trifecta scoring
  • Blast radius
  • OSS runtime
Team
$12K–36K/yr
  • Risk graph
  • MCP discovery
  • Mandate registry
Enterprise
$75K–250K/yr
  • Risk acceptance
  • Explainability
  • Hope vs Enforce
  • NIST / FedRAMP
Enterprise+
$250K–1M+/yr
  • Capability certs
  • Remediation engine
  • Kill switch
  • Board reports
riskmandate.ai

Book a 30-min demo.

Response within one business day · No commitment.

Pre-launch. The thesis and model for a service being built — not a shipped product yet.