Skip to content

AI Security & Safety Control Evidence

🏅 Control Evidence · Agentic Positioning Layer

Controls are easy to claim.
CRP proves they operate.

Every major AI assurance framework - EU AI Act, AIUC-1, ISO/IEC 42001, NIST AI RMF, SOC 2-for-AI - demands the same thing underneath its own vocabulary: provable, operating controls - continuous, verifiable evidence. CRP emits exactly that on every governed AI call.

13-stageSafety on every call
<50msOverhead
HMACSigned audit chain
5+Frameworks supported

The common demand across every AI standard

Framework What it is What it demands (the common thread)
EU AI Act Law (Reg. 2024/1689) Risk management, logging (Art.12), human oversight (Art.14), QMS (Art.17), technical documentation (Annex IV) - i.e. evidence the controls operate.
AIUC-1 AI agent security/safety/reliability standard Adversarial testing, real-time input filtering, access control, audit trails, continuous monitoring - i.e. evidence the agent behaves under pressure.
ISO/IEC 42001:2023 AI management system standard Documented controls + operational evidence + continual improvement.
NIST AI RMF US risk framework GOVERN / MAP / MEASURE / MANAGE - measurement & documentation of AI risk controls.
SOC 2 (AI) Trust services Evidence controls operate over a period, not at a point in time.

The common requirement: provable, operating controls - continuous, verifiable evidence. CRP is built to emit exactly that. Different standards, one agentic positioning engine.


The control-evidence mapping

What CRP actually emits, and which standard-demands it satisfies.

CRP capability (operates on every call) Evidence it emits Satisfies (examples)
DPE 13-stage safety (SPEC-005) Risk, grounding, fabrication, distortion, contradiction scores - signed AIUC-1 Security/Safety/Reliability · EU AI Act Art.15 · ISO 42001 performance evaluation
Safety Policy + HTTP 451 halt (SPEC-006, SPEC-002) Policy-enforced + halt events - signed AIUC-1 Security/Safety · EU AI Act Art.14 · NIST AI RMF MANAGE
Human-in-the-loop checkpoints (SPEC-033, SPEC-034) Approval records with who/when - signed AIUC-1 Safety/Accountability · EU AI Act Art.14 · ISO 42001 operation
HMAC audit chain (SPEC-011) Tamper-evident event log AIUC-1 Accountability · EU AI Act Art.12 · SOC 2 · ISO 42001 records
Identity & provenance headers (SPEC-002) AuthZ + provenance per call AIUC-1 Accountability · EU AI Act Art.13 · GDPR Art.30
CRP Scan findings (SPEC-013, SPEC-036) Pre-production vulnerability + remediation evidence AIUC-1 Security · EU AI Act Art.15 cybersecurity
Comply evidence packs (SPEC-040) Annex IV, DPIA/FRIA, QMS docs - signed EU AI Act Annex IV/Art.17 · ISO 42001 · AIUC-1 Accountability/Society
Local-LLM / zero-exfiltration mode (SPEC-017) 0-byte-egress attestation AIUC-1 Data & Privacy/Security · data-residency requirements · GDPR data minimisation

The point: CRP doesn't just have controls - it produces the evidence each control operated, mapped to what the standards demand.


Proof points by framework

EU AI Act

CRP addresses 33 of 35 technical controls across Articles 6–17 and generates the evidence regulators expect:

  • Article 9 - Risk management system: DPE scores + quality tiers + continuous monitoring
  • Article 10 - Data governance: context-source manifests, PII detection, embedding consistency
  • Article 12 - Record-keeping: HMAC-chained window events
  • Article 13 - Transparency: provenance export + source attribution
  • Article 14 - Human oversight: checkpoint headers with signed approval records
  • Article 15 - Accuracy/robustness/cybersecurity: fabrication detection, contradiction checks, injection shield
  • Article 16/17 - QMS: recipe-driven evidence packs

EU AI Act details

AIUC-1

CRP produces 80%+ of the control evidence AIUC-1 auditors verify across all six principles:

  • Data & Privacy - input-data governance, PII scanning, data-source manifests, zero-exfiltration mode
  • Security - adversarial robustness, real-time input filtering, unauthorized-action prevention, adversarial-input detection, endpoint protection, deployment hardening
  • Safety - harmful-output prevention, human-in-the-loop, risk-category monitoring
  • Reliability - hallucination prevention, consistent behaviour, error handling
  • Accountability - activity logging, quality management, AI disclosure, acceptable-use policy, accountability assignment
  • Society - regulatory alignment, continuous assurance, transparent boundary statements

Full AIUC-1 mapping

ISO/IEC 42001:2023

CRP features map to AI management system clauses 4–10, providing evidence for context, leadership, planning, support, operations, performance evaluation, and improvement.

ISO 42001 alignment

NIST AI RMF

CRP supports all four NIST AI RMF functions:

Function CRP evidence
GOVERN Policy headers, accountability identifiers, human oversight checkpoints
MAP System registry, context-source manifests, risk classification
MEASURE DPE scores, quality tiers, grounding percentages, contradiction counts
MANAGE Safety budgets, circuit breakers, redaction, response actions

NIST AI RMF alignment

SOC 2-for-AI / GDPR

  • SOC 2: Continuous, HMAC-signed evidence that controls operate over time, not just at a point in time.
  • GDPR: PII scanning, data-source manifests for Article 30, DPIA-ready risk scores, right-of-erasure support.

Honest boundaries

To maintain credibility:

  • CRP produces the technical control evidence; it is not itself an accredited certifier. AIUC-1 certificates are issued by AIUC via accredited auditors; EU AI Act conformity is assessed by notified bodies or self-assessment per risk class. CRP makes you audit-ready and certification-ready.
  • AIUC-1 updates quarterly. CRP's continuous evidence model is designed to keep pace, but the mapping must be versioned against each release.
  • Some requirements (e.g. third-party attestation, catastrophic-misuse modules) are provided via accredited partners rather than by CRP alone.

Get started

Ready to prove your AI controls operate?
Start free in 60 seconds, or talk to our governance team.
One line to evidence-backed AI
import crp

client = crp.SDKClient(safety="strict")
answer = client.ask("Summarise the contract")

print(answer.crp.risk)               # LOW | MEDIUM | HIGH | CRITICAL
print(answer.crp.grounded)           # True | False
print(answer.crp.fabrications)       # unsupported claims
print(answer.crp.chain_valid)        # HMAC chain integrity
print(client.audit.export())         # regulator-ready evidence bundle

See also