Home → Intelligence → Themes → Defensibility
Intelligence Theme
Defensibility & Governance
The operating standard for legal AI: evidence on demand, governance trail, named accountability. Defensibility is the institutional answer to a regulator, plaintiff, board, or conduct body challenging an AI-influenced decision.
Articles in this theme
8 articles
Executive Brief
The Defensibility Posture Statement — A Template
The Defensibility Posture Statement (DPS) is the one-page institutional artefact that captures a legal function's defensibility position. It names the function's AI use, the Five Defensibility Elements as currently operated, the accountable owners, the Evidence Register pointer, and the next review date. The DPS is the document the General Counsel must be able to produce within twenty-four hours of a regulator, insurer, board member, or acquirer request.
22 May 2026
22 min read
P4
Executive Brief
Pillar 4 — Governance, Risk & Defensible AI
Pillar 4 is where Defensibility is operationalised. It pairs the Risk Taxonomy 2026 (the inventory of what can go wrong) with the Five Defensibility Elements (the operating controls), produces the Defensibility Posture Statement (the one-page institutional artefact), and runs the Evidence Register (the underlying documentation cache). Pillar 4 is the pillar regulators, insurers, acquirers, and professional conduct bodies query directly.
22 May 2026
12 min read
P4
Executive Brief
The Inflection Point — Why 2026 Demands Defensibility
Legal AI in 2026 sits at an institutional inflection point. ISO/IEC 42001 is published; the EU AI Act's high-risk obligations are in staged enforcement; insurers and acquirers ask AI-governance questions during diligence; professional conduct bodies are issuing AI-specific guidance. Functions that built productivity-grade AI in 2024-2025 now face a defensibility bar they did not anticipate. The Inflection Point chapter frames why the operating standard for legal AI must change, and what changes if it does not.
22 May 2026
18 min read
P4
Executive Brief
The 90-Day Defensibility Roadmap
The 90-Day Defensibility Roadmap is the operating cadence for a legal function moving from baseline to a credible Defensibility posture. Three thirty-day windows: Diagnose (Days 1-30), Document (Days 31-60), Defend (Days 61-90). Each window has named outputs, accountable owners, and a measurable gate. The Roadmap is not a generic implementation plan; it is the cadence the Free Baseline Diagnostic recommends to any function below Maturity Band 4.
22 May 2026
8 min read
P4
Anchor Essay
Risk Taxonomy 2026 — The Nine Classes of Legal AI Risk
Risk Taxonomy 2026 names the nine canonical classes of legal AI risk: hallucination, data leakage, model drift, vendor lock-in, regulatory non-compliance, professional conduct exposure, client confidentiality breach, shadow AI proliferation, and accountability dilution. Each class carries a distinct mechanism, distinct evidence requirements, and a distinct mitigation pattern that legal functions must operationalise individually. The Taxonomy is the inventory side of the Defensibility framework: where Defensibility describes the response capability a legal function must demonstrate, the Taxonomy describes what must be responded to. Risk Registers maintained by legal functions should map each entry to one of the nine classes. Vendor evaluations should be scored against the classes. Incident reviews should classify root cause against the framework. The Taxonomy is binding canon for institutional legal AI risk management.
22 May 2026
P4
Anchor Essay
Defensibility — The Operating Standard for Legal AI
Defensibility is the operating standard for AI use in legal functions. It is the practical answer to one question: when a regulator, plaintiff, board member, client, or professional conduct body challenges an AI-influenced decision, can the legal function produce, within twenty-four hours, the contemporaneous evidence, the methodology, the governance trail, and the named accountability chain that the decision rests on? Five elements constitute Defensibility: decision traceability, methodology transparency, evidence framework, governance posture, and continuous learning. Defensibility is the legal-specific lens that translates ISO/IEC 42001 management-system requirements and EU AI Act high-risk obligations into the daily operating cadence of a legal department. The Defensibility Posture Statement is the one-page artefact that captures the function's posture, signed by the General Counsel, and producible within twenty-four hours of any external request that could plausibly result in adversarial scrutiny.
22 May 2026
P4
Anchor Essay
Agentic Tier — The Autonomy Gradient for Legal AI
The Agentic Tier frame is the autonomy gradient for institutional AI use in legal functions. Every AI capability the function operates sits at one of four canonical tiers: Tier 1 Augmentation (drafter), Tier 2 Co-pilot (sub-step executor within a supervised workflow), Tier 3 Workflow operator (end-to-end process), Tier 4 Autonomous agent (initiator with delegated authority). The tier determines the governance discipline the capability requires, the Risk Taxonomy classes it exposes, the Defensibility evidence it produces, and the ROAI calculus it changes. Governance demand grows non-linearly with the tier; Tier 4 requires approximately three times the Defensibility infrastructure of Tier 1. Most current legal AI deployment sits at Tier 1 and Tier 2; Tier 3 is emerging; Tier 4 is mostly aspirational in 2026. A function that adopts higher-tier capabilities without the cluster framework is operating at scale without the governance that scale requires.
22 May 2026
P5
Anchor Essay
AI Lifecycle — The Five Stages of Legal AI Operating Discipline
The AI Lifecycle is the temporal frame for institutional AI use in legal functions. Every AI capability the function deploys moves through five canonical stages: Concept, Build, Deploy, Operate, Sunset. Each stage applies distinct governance disciplines, exposes distinct Risk Taxonomy classes, requires distinct Defensibility evidence, and produces distinct ROAI return. The vendor-centric conversation about AI in legal functions treats AI as a procurement event; the Lifecycle frame treats AI as an operating discipline that begins before procurement and continues through retirement. Functions that operate the Lifecycle compound governance posture over years. Functions that treat AI as a procurement event repeat the same governance failures on each new tool. The Capability Portfolio registers every AI capability with its current stage; the Governance Cadence maps committee attention to stage-appropriate cadences; the Defensibility Posture Statement lists capabilities by Lifecycle stage.
22 May 2026
P8