AI Security & Safety Control Evidence¶

Controls are easy to claim.
CRP proves they operate. ¶
Every major AI assurance framework - EU AI Act, AIUC-1, ISO/IEC 42001, NIST AI RMF, SOC 2-for-AI - demands the same thing underneath its own vocabulary: provable, operating controls - continuous, verifiable evidence. CRP emits exactly that on every governed AI call.
The common demand across every AI standard¶
| Framework | What it is | What it demands (the common thread) |
|---|---|---|
| EU AI Act | Law (Reg. 2024/1689) | Risk management, logging (Art.12), human oversight (Art.14), QMS (Art.17), technical documentation (Annex IV) - i.e. evidence the controls operate. |
| AIUC-1 | AI agent security/safety/reliability standard | Adversarial testing, real-time input filtering, access control, audit trails, continuous monitoring - i.e. evidence the agent behaves under pressure. |
| ISO/IEC 42001:2023 | AI management system standard | Documented controls + operational evidence + continual improvement. |
| NIST AI RMF | US risk framework | GOVERN / MAP / MEASURE / MANAGE - measurement & documentation of AI risk controls. |
| SOC 2 (AI) | Trust services | Evidence controls operate over a period, not at a point in time. |
The common requirement: provable, operating controls - continuous, verifiable evidence. CRP is built to emit exactly that. Different standards, one agentic positioning engine.
The control-evidence mapping¶
What CRP actually emits, and which standard-demands it satisfies.
| CRP capability (operates on every call) | Evidence it emits | Satisfies (examples) |
|---|---|---|
| DPE 13-stage safety (SPEC-005) | Risk, grounding, fabrication, distortion, contradiction scores - signed | AIUC-1 Security/Safety/Reliability · EU AI Act Art.15 · ISO 42001 performance evaluation |
| Safety Policy + HTTP 451 halt (SPEC-006, SPEC-002) | Policy-enforced + halt events - signed | AIUC-1 Security/Safety · EU AI Act Art.14 · NIST AI RMF MANAGE |
| Human-in-the-loop checkpoints (SPEC-033, SPEC-034) | Approval records with who/when - signed | AIUC-1 Safety/Accountability · EU AI Act Art.14 · ISO 42001 operation |
| HMAC audit chain (SPEC-011) | Tamper-evident event log | AIUC-1 Accountability · EU AI Act Art.12 · SOC 2 · ISO 42001 records |
| Identity & provenance headers (SPEC-002) | AuthZ + provenance per call | AIUC-1 Accountability · EU AI Act Art.13 · GDPR Art.30 |
| CRP Scan findings (SPEC-013, SPEC-036) | Pre-production vulnerability + remediation evidence | AIUC-1 Security · EU AI Act Art.15 cybersecurity |
| Comply evidence packs (SPEC-040) | Annex IV, DPIA/FRIA, QMS docs - signed | EU AI Act Annex IV/Art.17 · ISO 42001 · AIUC-1 Accountability/Society |
| Local-LLM / zero-exfiltration mode (SPEC-017) | 0-byte-egress attestation | AIUC-1 Data & Privacy/Security · data-residency requirements · GDPR data minimisation |
The point: CRP doesn't just have controls - it produces the evidence each control operated, mapped to what the standards demand.
Proof points by framework¶
EU AI Act¶
CRP addresses 33 of 35 technical controls across Articles 6–17 and generates the evidence regulators expect:
- Article 9 - Risk management system: DPE scores + quality tiers + continuous monitoring
- Article 10 - Data governance: context-source manifests, PII detection, embedding consistency
- Article 12 - Record-keeping: HMAC-chained window events
- Article 13 - Transparency: provenance export + source attribution
- Article 14 - Human oversight: checkpoint headers with signed approval records
- Article 15 - Accuracy/robustness/cybersecurity: fabrication detection, contradiction checks, injection shield
- Article 16/17 - QMS: recipe-driven evidence packs
AIUC-1¶
CRP produces 80%+ of the control evidence AIUC-1 auditors verify across all six principles:
- Data & Privacy - input-data governance, PII scanning, data-source manifests, zero-exfiltration mode
- Security - adversarial robustness, real-time input filtering, unauthorized-action prevention, adversarial-input detection, endpoint protection, deployment hardening
- Safety - harmful-output prevention, human-in-the-loop, risk-category monitoring
- Reliability - hallucination prevention, consistent behaviour, error handling
- Accountability - activity logging, quality management, AI disclosure, acceptable-use policy, accountability assignment
- Society - regulatory alignment, continuous assurance, transparent boundary statements
ISO/IEC 42001:2023¶
CRP features map to AI management system clauses 4–10, providing evidence for context, leadership, planning, support, operations, performance evaluation, and improvement.
NIST AI RMF¶
CRP supports all four NIST AI RMF functions:
| Function | CRP evidence |
|---|---|
| GOVERN | Policy headers, accountability identifiers, human oversight checkpoints |
| MAP | System registry, context-source manifests, risk classification |
| MEASURE | DPE scores, quality tiers, grounding percentages, contradiction counts |
| MANAGE | Safety budgets, circuit breakers, redaction, response actions |
SOC 2-for-AI / GDPR¶
- SOC 2: Continuous, HMAC-signed evidence that controls operate over time, not just at a point in time.
- GDPR: PII scanning, data-source manifests for Article 30, DPIA-ready risk scores, right-of-erasure support.
Honest boundaries¶
To maintain credibility:
- CRP produces the technical control evidence; it is not itself an accredited certifier. AIUC-1 certificates are issued by AIUC via accredited auditors; EU AI Act conformity is assessed by notified bodies or self-assessment per risk class. CRP makes you audit-ready and certification-ready.
- AIUC-1 updates quarterly. CRP's continuous evidence model is designed to keep pace, but the mapping must be versioned against each release.
- Some requirements (e.g. third-party attestation, catastrophic-misuse modules) are provided via accredited partners rather than by CRP alone.
Get started¶
import crp
client = crp.SDKClient(safety="strict")
answer = client.ask("Summarise the contract")
print(answer.crp.risk) # LOW | MEDIUM | HIGH | CRITICAL
print(answer.crp.grounded) # True | False
print(answer.crp.fabrications) # unsupported claims
print(answer.crp.chain_valid) # HMAC chain integrity
print(client.audit.export()) # regulator-ready evidence bundle