Memahami AI —
& Kenapa Ia Perlu Dikawal
Understanding AI —
& Why It Must Be Governed
Dari generasi AI, kepada model yang "vibe code", kepada kenapa Claude — dan kenapa Claude pun perlukan lapisan kawalan tambahan.
From the generations of AI, to which models "vibe code", to why Claude — and why even Claude needs an extra layer of control.
Apa Itu ALESA?
What Is ALESA?
Rangka Kerja Tadbir Urus AI buatan Malaysia yang membolehkan sesiapa sahaja — dengan atau tanpa latar belakang IT — membina aplikasi profesional dengan selamat menggunakan Claude AI.
A Malaysian-built AI Governance Framework enabling anyone — with or without an IT background — to build professional applications safely using Claude AI.
Lapisan governance memastikan keselamatan — perubahan material (kod/deploy/data) tetap melalui semakan; ALESA mempercepat & mengawal, bukan menggantikan pertimbangan manusia.
The governance layer ensures safety — material changes (code/deploy/data) still pass review; ALESA accelerates & controls, it does not replace human judgement.
AI bukan satu benda — ia berevolusi
AI isn't one thing — it has evolved
Rule-based → Machine Learning → Deep Learning → Generative AI → Agentic AI — bukan setakat jawab, ia BERTINDAK.
Rule-based → Machine Learning → Deep Learning → Generative AI → Agentic AI — not just answers, it ACTS.
Dulu AI cuma "jawab". Sekarang ia "buat".
AI used to just "answer". Now it "acts".
Generative + Agentic AI bukan lagi alat pasif. Ia boleh tulis kod, akses pangkalan data, hantar mesej, padam fail, buat keputusan. Kuasa ini hebat — tetapi tanpa kawalan, satu kesilapan boleh jadi kemudaratan sebenar.
Generative + Agentic AI is no longer passive. It can write code, access databases, send messages, delete files, make decisions. Remarkable power — but ungoverned, one mistake becomes real harm.
Bukan semua AI sama — pilih yang betul
Not all AI is equal — choose the right one
"Vibe coding" = ko terangkan hasrat dalam bahasa biasa, AI tulis kod. Keluarga model utama:
"Vibe coding" = describe intent in plain language, the AI writes the code. Major model families:
Claude (Anthropic)
Reka bentuk keselamatan-dahulu (Constitutional AI). Kuat kod & penaakulan. Pilihan ALESA.
Safety-first (Constitutional AI). Strong code & reasoning. ALESA's choice.
GPT · Gemini
Model generatif arus perdana lain — mampu, meluas.
Other mainstream generative models — capable, widespread.
Model TerbukaOpen Models
Llama · DeepSeek · Qwen — boleh jalan on-prem (berdaulat).
Llama · DeepSeek · Qwen — run on-prem (sovereign).
Nota jujur: "terbaik" bergantung tugas + konteks; tiada satu model menang segala-galanya.
Honest: "best" depends on task + context; no single model wins everything.
ALESA dibina atas Claude — keselamatan didahulukan
ALESA is built on Claude — safety comes first
Constitutional AI
Dilatih ikut "perlembagaan" nilai — jujur, membantu, tidak memudaratkan.
Trained against a "constitution" — honest, helpful, harmless.
Kuat Kod & PenaakulanStrong Code & Reasoning
Antara terbaik untuk pembangunan + analisis kompleks.
Among the best for development + complex analysis.
Kepercayaan PerusahaanEnterprise Trust
Makmal AI fokus keselamatan; sesuai gov/perbankan.
A safety-focused AI lab; suited to gov/banking.
Tapi memilih model yang bagus bukan penamat cerita...
But choosing a good model is not the end of the story...
Claude bagus. Tapi jangan percaya 100% pada model sahaja.
Claude is good. But don't trust the model alone 100%.
Kalau yang BINA AI kata model sahaja tak memadai — kenapa kita rasa cukup?
If the ones who BUILT the AI say the model alone isn't enough — why would we assume it is?
AI tanpa governance — senario sebenar
AI without governance — real scenarios
Padam tak boleh undurIrreversible deletion
AI padam data penting — tiada backup.
AI deletes critical data — no backup.
Bocor data peribadiPersonal data leak
PDPA hingga RM1 juta (kuat kuasa Jun 2025).
PDPA up to RM1 million (in force Jun 2025).
Keputusan berat sebelahBiased decisions
AI tolak permohonan tak adil.
AI rejects applications unfairly.
Di-hack (injection)Hijacked (injection)
Arahan tersembunyi rampas AI.
Hidden instructions hijack the AI.
Mereka-reka faktaFabricated facts
"Hallucinate" — keputusan atas info palsu.
Hallucinates — decisions on false info.
Tiada jejak auditNo audit trail
Bila silap — tak boleh siasat/defend.
When wrong — can't investigate/defend.
Macam tali pinggang keledar
Like a seatbelt
Nampak menyusahkan. Nampak tak perlu. Sampai hari accident. Masa itu — sudah terlambat.
Feels inconvenient. Seems unnecessary. Until the day of the accident. By then — too late.
Governance AI sama: nilainya halimunan masa semua OK — tak ternilai masa nyaris.
AI governance is the same: invisible when all is well — priceless when disaster nearly strikes.
ALESA = tali pinggang keledar untuk AI anda
ALESA = the seatbelt for your AI
Lapisan governance tambahan yang Anthropic sendiri kata WAJIB — di atas mana-mana model:
The extra governance layer Anthropic itself says is essential — on top of any model:
Gate
Halang tindakan bahaya sebelum berlaku.
Block dangerous actions before they happen.
Eval & Red-team
Uji berterusan + serang sistem sendiri dahulu.
Continuous testing + attack our own system first.
Audit Trail
Jejak setiap langkah — bukti untuk defend.
Every step logged — evidence to defend.
Kejujuran HadHonest Limits
Nyatakan apa AI TAK boleh buat.
States what AI CANNOT do.
Manusia-dalam-gelungHuman-in-the-loop
Tindakan berisiko tunggu kelulusan manusia.
Risky actions wait for human approval.
Defense-in-depth
Berlapis — tidak bergantung satu titik.
Layered — never one single point.
Jujur: governance = pengurang risiko, bukan sifar-risiko.
Honest: governance = risk reduction, not zero-risk.
Tadbir urus AI sedang jadi standard — dan undang-undang
AI governance is becoming the standard — and the law
ISO/IEC 42001
Standard antarabangsa pertama pengurusan AI bertanggungjawab — boleh disijilkan bebas.
First international standard for responsible AI management — independently certifiable.
NAIO + AIGE
Pejabat AI Negara + Garis Panduan Tadbir Urus & Etika AI (7 prinsip).
National AI Office + AI Governance & Ethics Guidelines (7 principles).
Undang-undang AIAI Legislation
Rangka perundangan AI dijangka ke Kabinet Jun 2026.
AI legislative framework expected at Cabinet Jun 2026.
Soalannya bukan "perlu ke?" — tapi "bila?". Lebih awal = lebih selamat.
The question isn't "do we need it?" — but "when?". Earlier = safer.
Pasang governance SEBELUM accident
Install governance BEFORE the accident
Bukan selepas. Masa itu sudah terlambat.
Not after. By then it's too late.
Model AI bagus + lapisan governance ALESA + persijilan bebas (cth ISO 42001) = AI yang boleh dipercayai.
A good AI model + ALESA's governance layer + independent certification (e.g. ISO 42001) = AI you can trust.