2026
1.
Shaina Raza; Ranjan Sapkota; Manoj Karkee; Christos Emmanouilidis
TRiSM for Agentic AI: A review of Trust, Risk, and Security Management in LLM-based Agentic Multi-Agent Systems Journal Article
In: AI Open, vol. 7, pp. 71–95, 2026, ISSN: 2666-6510.
Abstract | Links | BibTeX | Tags: Adversarial robustness, Agentic AI, AI agents, AI governance, AI safety, Application security, Explainability, Human-in-the-Loop, LLM-based multi-agent systems, Model Privacy, ModelOps, Privacy-preserving AI, Risk management, TRiSM, Trustworthy AI
@article{raza_trism_2026,
title = {TRiSM for Agentic AI: A review of Trust, Risk, and Security Management in LLM-based Agentic Multi-Agent Systems},
author = {Shaina Raza and Ranjan Sapkota and Manoj Karkee and Christos Emmanouilidis},
url = {https://www.sciencedirect.com/science/article/pii/S2666651026000069},
doi = {https://doi.org/10.1016/j.aiopen.2026.02.006},
issn = {2666-6510},
year = {2026},
date = {2026-01-01},
urldate = {2026-01-01},
journal = {AI Open},
volume = {7},
pages = {71\textendash95},
abstract = {Agentic AI systems, built upon large language models (LLMs) and deployed in multi-agent configurations, are redefining intelligence, autonomy, collaboration, and decision-making across enterprise and societal domains. This review presents a structured analysis of Trust, Risk, and Security Management (TRiSM) in the context of LLM-based Agentic Multi-Agent Systems (AMAS). We begin by examining the conceptual foundations of Agentic AI and highlight its architectural distinctions from traditional AI agents. We then adapt and extend the AI TRiSM framework for Agentic AI, structured around key pillars: Explainability, ModelOps, Security, Privacy and their Lifecycle Governance, each contextualized to the challenges of AMAS. A risk taxonomy is proposed to capture the unique threats and vulnerabilities of Agentic AI, ranging from coordination failures to prompt-based adversarial manipulation. To make coordination and tool use measurable in practice, we propose two metrics: the Component Synergy Score (CSS), which captures inter-agent enablement, and the Tool Utilization Efficacy (TUE), which evaluates whether tools are invoked correctly and efficiently. We further discuss strategies for improving explainability in Agentic AI, as well as approaches to enhancing security and privacy through encryption, adversarial robustness, and regulatory compliance. The review concludes with a research roadmap for the responsible development and deployment of Agentic AI, highlighting key directions to align emerging systems with TRiSM principles-ensuring safety, transparency, and accountability in their operation.},
keywords = {Adversarial robustness, Agentic AI, AI agents, AI governance, AI safety, Application security, Explainability, Human-in-the-Loop, LLM-based multi-agent systems, Model Privacy, ModelOps, Privacy-preserving AI, Risk management, TRiSM, Trustworthy AI},
pubstate = {published},
tppubtype = {article}
}
Agentic AI systems, built upon large language models (LLMs) and deployed in multi-agent configurations, are redefining intelligence, autonomy, collaboration, and decision-making across enterprise and societal domains. This review presents a structured analysis of Trust, Risk, and Security Management (TRiSM) in the context of LLM-based Agentic Multi-Agent Systems (AMAS). We begin by examining the conceptual foundations of Agentic AI and highlight its architectural distinctions from traditional AI agents. We then adapt and extend the AI TRiSM framework for Agentic AI, structured around key pillars: Explainability, ModelOps, Security, Privacy and their Lifecycle Governance, each contextualized to the challenges of AMAS. A risk taxonomy is proposed to capture the unique threats and vulnerabilities of Agentic AI, ranging from coordination failures to prompt-based adversarial manipulation. To make coordination and tool use measurable in practice, we propose two metrics: the Component Synergy Score (CSS), which captures inter-agent enablement, and the Tool Utilization Efficacy (TUE), which evaluates whether tools are invoked correctly and efficiently. We further discuss strategies for improving explainability in Agentic AI, as well as approaches to enhancing security and privacy through encryption, adversarial robustness, and regulatory compliance. The review concludes with a research roadmap for the responsible development and deployment of Agentic AI, highlighting key directions to align emerging systems with TRiSM principles-ensuring safety, transparency, and accountability in their operation.
