The Defensibility Gate sits between Band 4 (Optimised) and Band 5 (Defensible) on the Maturity Stack. A function can be highly optimised — fast, adopted, measured — and still sit below the Gate if it cannot evidence how its AI is governed. Crossing the Gate is not a matter of more tooling; it is the point at which the function can show, to a board or a regulator, that capability is under governance.
The Gate is the constructive counterpart to the Defensibility Gap. The Gap names the problem — capability has outrun governance; the Gate names the standard that closes it. It is evidenced, not asserted: a maintained Defensibility Posture Statement, a current Risk Taxonomy mapping, and supervised autonomy together demonstrate that the threshold has been met.