The foundations
Two lenses on what underlies the framework. The six pillars are how we build. The capability spine (ten domains, D1–D10) is what we assess. Together they say what a company needs, and how we hold ourselves to it, at every tier.
Operating principles, tier by tier, not aspirational.
Scale through parallelism. Atomic, composable, idempotent tools. Full trace visibility. Async-first. Source of truth in one place. "The architecture is the asset."
Code is the universal interface of an agentic system: the only output that is simultaneously deterministic, scoreable, testable, versionable, and replayable. Reduce all problems to code. Prompts versioned like code.
Text, structured data, images, voice, code: all first-class inputs to retrieval and reasoning. The L1 substrate stops being "the warehouse" and becomes the multimodal source of truth the agents draw from.
Edge gating, not human-in-the-loop. Implement alongside, not on top. Shadow runs, migrate on evidence. "Evals are not QA. They are the heartbeat."
Don't over-scale infrastructure. Parallelize the agents. "Add an agent, not a server." Per-agent budgets. Cost attribution at L4. Cost-per-task replaces cost-per-seat as the metric.
Compacted retrieval over raw injection. Reduce institutional knowledge to code (runbooks, decisions, policies) and let the agents read it. The L1 source of truth becomes the L5 colleague's long-term memory.
Companies need a subset of ten domains in the right order; orchestration is a progression across tiers, not a tool bought once.
One trusted version of the truth?
Can we see, secure, and control who touches data and agents?
Which models, accessed how, swappable how easily?
Where do humans get leverage before anything runs autonomously?
How does the system ground answers in enterprise data?
Who orchestrates the work, and how autonomously?
What does long-running, failure-tolerant agent work run on?
Can we score it, trace it, and gate deploys on it?
Will it survive a security review and adversarial input?
Can BOD prove the outcome and own the loop?
Read across a row to see a domain’s life cycle; read down a column to see what a level demands at once. The L3 column is the inflection.
The L3 column is the inflection: six domains turn core at once. That is why L3 is where the work, and the cost, compound.
A tool that covers many domains reduces integration surface, which is why the hyperscaler platforms anchor L3+. Single-domain specialists are best-of-breed and slot in alongside.
| Tool / platform | Domains covered | Anchor levels |
|---|---|---|
| Databricks (Mosaic AI, Unity Catalog, Agent Bricks, Workflows, Vector Search, Gateway) | D1, D2, D3, D5, D6, D7, D8, D9 | L3-L5 · broadest single-platform coverage |
| Snowflake (Cortex, Horizon, Cortex Agents, Tasks) | D1, D2, D3, D5, D6, D7, D9 | L1-L4 (analytics-first) |
| AWS (Bedrock, AgentCore, Step Functions, Guardrails, SageMaker) | D3, D6, D7, D9 (+D1 via Redshift) | L3-L4 (AWS-anchored) |
| Claude (Anthropic) | D3, D4 (Claude Code), D6 (Agent SDK) | L2-L5 |
| LangGraph + LangSmith | D6, D7, D8 | L4 |
| LlamaIndex | D5, D6 | L3 |
| Braintrust · Langfuse | D8 | L2-L5 (eval loop · OSS traces) |
| Temporal | D6, D7 (durable exec) | L3-L5 |
| Lakera | D9 | L3+ |
| Edge Scale (BOD) | D10 + wraps D2, D6, D8 | L3-L5 · the BOD layer, across platforms |
The Pillars are how we build. The Spine is what we assess. Use the maturity ladder to place the company; use the spine to say which domains are core versus absent. Never call a retrieval layer “a level.”
How we engageTwo domains are never skippable: a governed, integrated data foundation (D1) and governance and identity (D2). Deploy AI on ungoverned data and you automate the error, faster.
Anything we can’t inspect at the step level; no production observability beyond raw logs; hosted-only with no data-residency control; no SOC 2 Type II or a named path to it.
