{
 "dataset": {
  "meta": {
   "domain": "ethics",
   "domain_slug": "ethics",
   "domain_number": 7,
   "title": "Apeiris Ethics Control Matrix",
   "description": "Apeiris Ethics Control Matrix: 50 machine-readable controls across 6 layers.",
   "version": "1.4.0",
   "published": "2026-07-02",
   "layers": 6,
   "controls_count": 50,
   "baseline_controls": [
    "EF-01",
    "EF-08",
    "FA-01",
    "FA-08",
    "XP-01",
    "XP-08",
    "HI-01",
    "HI-08",
    "FM-01",
    "EG-08"
   ],
   "canonical_prefix": "apeiris://ethics/controls/",
   "attestation_artifact": "EthicsAttestation",
   "attestation_control": "EG-08",
   "alias_domain": "ethicsverifier.ai",
   "frameworks": [
    "acm_ethics",
    "anthropic_rsp",
    "co_ai_act",
    "doj_ai",
    "eeoc_ai",
    "eu_ai_act",
    "eu_charter",
    "ftc_ai",
    "google_ai_principles",
    "ibm_ai_fairness",
    "ieee_7000",
    "iso_23894",
    "iso_42001",
    "meta_llama_rai",
    "microsoft_rai",
    "nist_rmf",
    "nyc_ll144",
    "oecd_ai_principles",
    "openai_model_spec",
    "un_ethics_ai"
   ],
   "lenses": [
    "business_stakeholder",
    "legal_counsel",
    "data_scientist",
    "grc_auditor",
    "ethics_officer"
   ],
   "license": "CC BY 4.0",
   "source": "https://apeiris.ai/domains/ethics/",
   "integration_endpoint": "https://apeiris.ai/integration/domains/ethics-controls-full.json",
   "source_freshness": {
    "status": "current",
    "checked_on": "2026-07-02",
    "review_cadence": "quarterly"
   },
   "baseline_control_count": 10,
   "generated_at": "2026-06-29T00:00:00.000Z",
   "subtitle": "apeiris.ai/domains/ethics — Apeiris Ethics",
   "site": "https://apeiris.ai/domains/ethics",
   "corpus_url": "https://apeiris.ai/integration/domains/ethics-controls-full.json",
   "schema_version": "1.1.0",
   "schema_extended_on": "2026-06-29",
   "extended_schema_fields": [
    "validation_objective",
    "evidence_required",
    "machine_tests",
    "human_review",
    "blocking_effect",
    "normative_status",
    "anti_patterns",
    "update_status"
   ],
   "baseline_notes": "EG-08 (EthicsAttestation) added to the baseline 2026-07-02 as provisional/draft pending founder review of EG-layer baseline coverage; every sibling domain baseline includes its attestation control."
  },
  "controls": [
   {
    "id": "EF-01",
    "layer": "EF",
    "plane": "lifecycle",
    "name": "Ethics Principles Adoption and Operationalization",
    "plain": "The organization must formally adopt a specific set of AI ethics principles — drawn from recognized frameworks such as OECD, UNESCO, or IEEE 7000 — and define how each principle translates into verifiable operational requirements, design constraints, and evaluation criteria for AI systems.",
    "threat": {
     "tags": [
      "ethics-washing",
      "unenforced-principles",
      "values-gap",
      "accountability-void"
     ],
     "desc": "Without formal operationalization, ethics commitments remain aspirational statements that have no bearing on system design or deployment decisions. Organizations facing regulatory scrutiny or harm incidents cannot demonstrate that stated principles were acted upon. Ethics washing — publishing principles without enforcement mechanisms — exposes the organization to reputational, legal, and regulatory liability while providing no actual protection to affected communities."
    },
    "standard": [
     {
      "id": "oecd_ai_principles",
      "section": "Principles 1.1–1.5",
      "title": "OECD AI Principles: inclusive growth, human-centred values, transparency, robustness, accountability"
     },
     {
      "id": "iso_42001",
      "section": "§6.1.2",
      "title": "AI risk and opportunity identification; ethics objectives"
     },
     {
      "id": "ieee_7000",
      "section": "§6.2",
      "title": "Value identification and ethical requirements elicitation"
     },
     {
      "id": "nist_rmf",
      "section": "GOVERN 1.2",
      "title": "Trustworthy AI characteristics integrated into organizational policies"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/EF-01 Ethics Principles Adoption and Operationalization control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "openai_model_spec_2024",
      "title": "OpenAI Model Specification",
      "authority": "OpenAI, L.L.C.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2024",
      "published_on": "2024-05-08",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://cdn.openai.com/spec/model-spec-2024-05-08.html",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "openai_model_spec_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes OpenAI Model Specification requirements informing the apeiris://ethics/controls/EF-01 Ethics Principles Adoption and Operationalization control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/EF-01 Ethics Principles Adoption and Operationalization control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "anthropic_rsp_2024",
      "title": "Anthropic Responsible Scaling Policy v3.3",
      "authority": "Anthropic, PBC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "3.3",
      "published_on": "2026-05-26",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.anthropic.com/responsible-scaling-policy",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "anthropic_rsp",
      "relationship": "informative_reference",
      "rationale": "Establishes Anthropic Responsible Scaling Policy v3.3 requirements informing the apeiris://ethics/controls/EF-01 Ethics Principles Adoption and Operationalization control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "iso_23894_2023",
      "title": "ISO/IEC 23894:2023 — Artificial Intelligence — Guidance on Risk Management",
      "authority": "International Organization for Standardization / International Electrotechnical Commission",
      "source_type": "standard",
      "normative_force": "voluntary-standard",
      "version": "2023",
      "published_on": "2023-02-01",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.iso.org/standard/77304.html",
      "license": "proprietary",
      "status": "current",
      "flagship": false,
      "source_id": "iso_23894",
      "relationship": "implementation_pattern",
      "rationale": "Establishes ISO/IEC 23894:2023 — Artificial Intelligence — Guidance on Risk Management requirements informing the apeiris://ethics/controls/EF-01 Ethics Principles Adoption and Operationalization control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "colorado_sb26_189",
      "title": "Colorado SB 26-189 — Automated Decision-Making Technology",
      "authority": "Colorado General Assembly",
      "source_type": "regulation",
      "normative_force": "binding-law",
      "version": "SB 26-189",
      "published_on": "2026-05-14",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://leg.colorado.gov/bills/sb26-189",
      "license": "public-domain",
      "status": "current",
      "flagship": false,
      "source_id": "colorado_sb26_189",
      "relationship": "normative_requirement",
      "rationale": "Establishes Colorado SB 26-189 — Automated Decision-Making Technology requirements informing the apeiris://ethics/controls/EF-01 Ethics Principles Adoption and Operationalization control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Adopt a named ethics framework (e.g., OECD AI Principles, IEEE 7000) as the organizational baseline. For each principle, define: the operational requirement it imposes, the design constraints it creates, the metrics used to assess compliance, and the review gate at which compliance is verified. Document in a standing Ethics Principles Register that is version-controlled and reviewed annually.",
     "steps": [
      "Convene an ethics working group including the Chief AI Ethics Officer, Legal Counsel, and domain representatives to select the ethics framework(s) to adopt.",
      "For each adopted principle, write a one-page operationalization brief defining measurable requirements, prohibited design patterns, and evaluation criteria.",
      "Publish the Ethics Principles Register in the governance document management system and assign ownership of each principle to a named role.",
      "Establish an annual review cycle to evaluate whether operationalizations remain current with emerging regulatory and societal expectations.",
      "Integrate principle compliance checks into the AI system intake form so every new system is evaluated against each adopted principle before development begins."
     ],
     "ethics_officer": {
      "summary": "The Ethics Principles Register is your primary governance artifact. Ensure each principle has a named owner and an unambiguous operational definition — vague commitments cannot be audited.",
      "actions": [
       "Draft operationalization briefs for each adopted principle in collaboration with legal and technical teams.",
       "Chair the annual review cycle and approve all updates to the Ethics Principles Register.",
       "Escalate any deployment request where a system cannot demonstrate alignment with a principle."
      ],
      "failure_signals": [
       "Ethics Principles Register has not been reviewed in more than 12 months.",
       "One or more principles lack a named operational owner.",
       "AI system intake forms do not reference the Ethics Principles Register."
      ]
     },
     "legal_counsel": {
      "summary": "Operationalized ethics principles are your best defense in regulatory inquiries and litigation. Ensure the principles register is admissible as evidence of due diligence.",
      "actions": [
       "Review each operationalization brief for legal sufficiency and consistency with applicable law.",
       "Ensure the Ethics Principles Register is maintained under document retention policy.",
       "Map adopted principles to jurisdiction-specific regulatory obligations (EU AI Act, NIST AI RMF, etc.)."
      ],
      "failure_signals": [
       "Principles register does not reference applicable regulatory frameworks.",
       "Operationalization briefs have not been reviewed by legal within the past 18 months."
      ]
     },
     "grc_auditor": {
      "summary": "The Ethics Principles Register is the primary artifact for demonstrating that ethics commitments are governed, not merely stated. Audit for completeness, ownership, and evidence of operationalization in design reviews.",
      "actions": [
       "Request the current Ethics Principles Register and verify that every adopted principle has a named owner and an operational definition.",
       "Sample 3–5 AI systems and confirm their design documentation references the Ethics Principles Register.",
       "Verify that the annual review cycle has been completed and that review evidence is retained."
      ],
      "metrics": [
       "Principle operationalization coverage: target 100% of adopted principles have operational definitions.",
       "Annual review completion rate: target 100%.",
       "AI system intake alignment rate: target ≥95% of new systems reviewed against the register."
      ],
      "failure_signals": [
       "Any principle lacks an operational definition or named owner.",
       "Annual review has not been completed in the current cycle.",
       "Sampled AI systems cannot demonstrate reference to the Ethics Principles Register."
      ]
     },
     "business_stakeholder": {
      "summary": "Ethics principles adoption is not a compliance checkbox — it is a commitment that shapes what products and features can be built. Understand which principles apply to your domain and how they constrain design choices.",
      "actions": [
       "Participate in the ethics working group as a domain representative to ensure principles are practically grounded.",
       "Confirm that business-unit AI initiatives have been reviewed against the Ethics Principles Register before development funding is approved."
      ],
      "failure_signals": [
       "Business units are deploying AI systems without ethics intake review.",
       "Product roadmaps include features that conflict with adopted principles without documented exceptions."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "managed",
     "notes": "Most organizations have adopted ethics statements but have not operationalized them into verifiable requirements. The gap between stated principles and design practice is the primary ethics governance failure mode."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "cloud-native",
     "federated-enterprise"
    ],
    "implementers": [
     "Ethics Office",
     "Legal Counsel",
     "AI Governance Team",
     "Product Leadership"
    ],
    "frameworks": [
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principles 1.1–1.5",
      "fit": "direct",
      "rationale": "The OECD AI Principles directly require organizations to adopt human-centred values, transparency, robustness, and accountability as operational commitments. This control operationalizes those principles by requiring a formal register with named owners and measurable criteria. The 2024 update reinforces that principles must be reflected in governance processes, not just policy statements.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-06-29",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§6.1.2, §8.4",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 requires organizations to identify AI-related risks and opportunities and to establish objectives for responsible AI that are measurable and monitored. The Ethics Principles Register directly satisfies the §6.1.2 requirement to document AI risks and the §8.4 requirement for responsible AI use controls.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "§6.2",
      "fit": "direct",
      "rationale": "IEEE 7000-2021 establishes a formal process for ethical requirements elicitation that begins with identifying the value system of the organization and translating values into system requirements. This control implements exactly that process, making the IEEE 7000 methodology the natural implementation pattern.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "GOVERN 1.2, GOVERN 2.1",
      "fit": "direct",
      "rationale": "NIST AI RMF GOVERN 1.2 requires that the characteristics of trustworthy AI are integrated into organizational policies, processes, and practices, and GOVERN 2.1 requires that roles, responsibilities, and lines of communication for AI risk management are documented. The Ethics Principles Register with named principle owners satisfies both.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "un_ethics_ai",
      "requirement_id": "¶13–¶24 (Values)",
      "fit": "partial",
      "rationale": "UNESCO's Recommendation on the Ethics of AI sets out its foundational values in ¶13–24 — respect for human rights and dignity, environment and ecosystem flourishing, diversity and inclusiveness, and peaceful, just societies. EF-01's register operationalizes adopted principles of exactly this kind into documented, owned, and reviewable requirements, which is how the Recommendation expects values to reach practice.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goals A1–A5 (Accountability); Goals T1–T3 (Transparency)",
      "fit": "direct",
      "rationale": "Microsoft's Responsible AI Standard v2 is structured around six named principles (Accountability, Transparency, Fairness, Reliability & Safety, Privacy & Security, Inclusiveness), each with specific goals and measurable requirements — modeling exactly what EF-01 requires: adopting a recognized ethics framework and defining how each principle translates into operational requirements. The Accountability and Transparency sections specifically require that AI systems are governed through documented commitments with named owners, which mirrors the Ethics Principles Register mandate of this control.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "openai_model_spec",
      "requirement_id": "Overview (spec structure: The chain of command; Stay in bounds; Seek the truth together; Do the best work)",
      "fit": "partial",
      "rationale": "The OpenAI Model Spec (2025-12-18) organizes OpenAI's stated behavioral principles into named, testable sections — The chain of command, Stay in bounds, Seek the truth together, Do the best work — each of which translates a value commitment into specific behavioral requirements with worked examples. As a published example of ethics principles operationalized into verifiable behavioral criteria, it is a useful reference model for the operationalization exercise EF-01 requires, though it governs OpenAI's own models rather than imposing requirements on deployers.",
      "normative_force": "best-practice",
      "source_version": "2025-12-18",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms; rigorous design, testing, monitoring, and safeguards",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit under 'Responsible development and deployment' to appropriate human oversight, due diligence, and feedback mechanisms, and to rigorous design, testing, monitoring, and safeguards. These pillar-level commitments are the kind of published principles an organization can adopt as a baseline in its EF-01 register — but they only become auditable once translated into named operational requirements, which is exactly the operationalization EF-01 mandates.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "anthropic_rsp",
      "requirement_id": "Capability Thresholds and Required Safeguards (AI Safety Level standards)",
      "fit": "adjacent",
      "rationale": "The Anthropic Responsible Scaling Policy v3.3 operationalizes safety commitments into Capability Thresholds paired with Required Safeguards (AI Safety Level standards), showing how abstract principles become measurable, evaluation-gated commitments. The RSP binds Anthropic itself rather than its customers, but it is a useful structural reference for the principle-to-threshold-to-requirement mapping that EF-01's operationalization briefs require.",
      "normative_force": "best-practice",
      "source_version": "3.3",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "iso_23894",
      "requirement_id": "Clause 4 (Risk management principles)",
      "fit": "partial",
      "rationale": "ISO/IEC 23894:2023 clause 4 sets out principles for AI risk management, adapting the ISO 31000 principle framework to AI-specific concerns. EF-01's adopted ethics principles should be cross-referenced to this principle structure so that ethics commitments and AI risk management rest on one canonical principle set.",
      "normative_force": "voluntary-standard",
      "source_version": "2023",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "co_ai_act",
      "requirement_id": "§6-1-1701 et seq. (Automated decision-making technology — consumer disclosure and appeal duties)",
      "fit": "partial",
      "rationale": "Colorado SB 26-189 (signed 2026-05-14, effective 2027-01-01) replaced the developer/deployer duty-of-care, impact-assessment, and risk-management-program regime of SB 24-205 with a narrower automated decision-making technology (ADMT) framework centered on consumer disclosure and appeal rights for consequential decisions. EF-01's operationalized principles register gives an organization the governance baseline for meeting ADMT disclosure and review duties, but SB 26-189 itself no longer mandates a developer risk-management program.",
      "normative_force": "binding-law",
      "source_version": "SB 26-189",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "satisfies"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/EF-01",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "The Ethics Principles Register must exist as a versioned, governance-approved document in which every adopted ethics principle has a named operational owner and a documented operational definition specifying measurable requirements, prohibited design patterns, and evaluation criteria. Every AI system intake record must reference the current register version before engineering resources are allocated.",
    "evidence_required": [
     "ethics_principles_register document with version, approval_date, and each adopted principle mapped to a named operational_owner, measurable_requirements list, prohibited_design_patterns list, and evaluation_criteria",
     "ai_system_intake_form records for all active AI systems confirming a non-null ethics_principles_register_version field referencing the current register version",
     "annual_review_record with completion_date, reviewer_identity, and change_log for the current 12-month review cycle",
     "governance_approval_record showing working group and executive or board sign-off on the current register version"
    ],
    "machine_tests": [
     "Retrieve Ethics Principles Register → assert each principle entry has non-null operational_owner, measurable_requirements (array, length >= 1), and evaluation_criteria fields",
     "Query AI system intake registry for all active projects → assert each record contains a non-null ethics_principles_register_version field matching the current register version",
     "Check Ethics Principles Register last_reviewed_date → assert date is within 365 days of today"
    ],
    "human_review": [
     "Review operationalization briefs for each adopted principle to confirm requirements are specific, testable, and not aspirational — reject entries that merely restate the principle without measurable criteria",
     "Verify that named principle owners have been formally notified and have acknowledged their responsibilities in writing",
     "Sample 5 recent AI system intake records to confirm the ethics principles register review was conducted substantively before development funding was approved"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "certification-standard",
    "anti_patterns": [
     "Publishing an ethics policy statement without documenting operational requirements for each principle, leaving ethics commitments unactionable in design reviews and deployment gates",
     "Assigning all ethics principles to a single 'Ethics Office' owner rather than distributing ownership to named individuals with implementation authority in each principle's domain",
     "Maintaining the Ethics Principles Register as a static PDF outside version control, preventing auditability of changes and making it impossible to confirm which version was in effect at a given system's intake date",
     "Treating the annual review as a rubber-stamp approval without reassessing whether operationalizations remain current with evolving regulatory guidance and societal expectations",
     "Exempting internally-deployed AI tools and infrastructure models from the intake review process while applying the register only to externally-facing systems"
    ],
    "update_status": "current",
    "layer_code": "EF"
   },
   {
    "id": "EF-02",
    "layer": "EF",
    "plane": "control",
    "name": "Values-to-Design Mapping",
    "plain": "Every AI system must have a documented mapping that traces organizational values and ethics commitments to specific design decisions, architecture choices, feature constraints, and evaluation criteria — making explicit how stated values influenced what was built and why.",
    "threat": {
     "tags": [
      "values-drift",
      "design-ethics-gap",
      "untraced-tradeoffs",
      "accountability-gap"
     ],
     "desc": "When values are not explicitly mapped to design decisions, ethics commitments are invisible in the artifact that actually affects users. Engineers make tradeoffs under time and resource pressure that silently violate organizational values without anyone recognizing the conflict. Post-incident reviews cannot determine whether harm resulted from a values failure or an engineering error, making accountability impossible and remediation unfocused."
    },
    "standard": [
     {
      "id": "ieee_7000",
      "section": "§7–§9",
      "title": "Value requirements, ethical design criteria, and traceability"
     },
     {
      "id": "iso_42001",
      "section": "§8.3",
      "title": "AI system design and development documentation"
     },
     {
      "id": "nist_rmf",
      "section": "MAP 1.1, MAP 2.2",
      "title": "Context and categorization; AI risk identification and traceability"
     },
     {
      "id": "microsoft_rai",
      "section": "Goals F1–F3; Goal T1",
      "title": "Fairness and transparency goals (Responsible AI Standard v2)"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/EF-02 Values-to-Design Mapping control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "openai_model_spec_2024",
      "title": "OpenAI Model Specification",
      "authority": "OpenAI, L.L.C.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2024",
      "published_on": "2024-05-08",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://cdn.openai.com/spec/model-spec-2024-05-08.html",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "openai_model_spec_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes OpenAI Model Specification requirements informing the apeiris://ethics/controls/EF-02 Values-to-Design Mapping control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "anthropic_rsp_2024",
      "title": "Anthropic Responsible Scaling Policy v3.3",
      "authority": "Anthropic, PBC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "3.3",
      "published_on": "2026-05-26",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.anthropic.com/responsible-scaling-policy",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "anthropic_rsp",
      "relationship": "informative_reference",
      "rationale": "Establishes Anthropic Responsible Scaling Policy v3.3 requirements informing the apeiris://ethics/controls/EF-02 Values-to-Design Mapping control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/EF-02 Values-to-Design Mapping control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "ibm_ai_fairness_360_2021",
      "title": "IBM AI Fairness 360 (AIF360)",
      "authority": "IBM Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2018",
      "published_on": "2018-09-19",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://github.com/Trusted-AI/AIF360",
      "license": "open-source-apache2",
      "status": "current",
      "flagship": false,
      "source_id": "ibm_ai_fairness_360_2021",
      "relationship": "informative_reference",
      "rationale": "Establishes IBM AI Fairness 360 (AIF360) requirements informing the apeiris://ethics/controls/EF-02 Values-to-Design Mapping control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "For each AI system, produce a Values-to-Design Traceability Matrix at design review stage. Each row maps one organizational value or ethics principle to: the specific design decision it influenced, the alternative that was rejected, the rationale for the chosen approach, and the evaluation criterion used to verify alignment. The matrix is version-controlled alongside system design documentation.",
     "steps": [
      "Define a standard Values-to-Design Traceability Matrix template with columns: Value/Principle, Design Decision, Rejected Alternative, Rationale, Evaluation Criterion, Verified By.",
      "Require completion of the matrix as a gate artifact in the AI system design review process before engineering resources are allocated.",
      "Assign a named ethics reviewer to validate each matrix entry and confirm that stated rationale is substantive rather than formulaic.",
      "Maintain the matrix as a living document updated whenever a significant design change is made that affects the value alignment of the system.",
      "Include the current matrix version in the system's ethics impact assessment and evidence package."
     ],
     "ethics_officer": {
      "summary": "The Values-to-Design Matrix is the primary artifact demonstrating that ethics is embedded in design, not bolted on afterward. Review matrices for substantive rationale — entries that merely assert compliance without explaining tradeoffs are insufficient.",
      "actions": [
       "Review Values-to-Design Matrices for all high-risk AI systems before design approval.",
       "Identify patterns of rejected alternatives that reveal systematic values tradeoffs requiring policy clarification.",
       "Update the matrix template annually to reflect new organizational commitments and regulatory expectations."
      ],
      "failure_signals": [
       "AI systems proceeding to engineering without a completed and reviewed matrix.",
       "Matrix entries contain boilerplate rationale without genuine tradeoff analysis.",
       "Design changes made post-approval without updating the matrix."
      ]
     },
     "data_scientist": {
      "summary": "Values-to-design mapping applies directly to modeling choices: which objective function you optimize, which fairness constraint you apply, which data you include or exclude. Document these decisions explicitly rather than treating them as purely technical.",
      "actions": [
       "Document the ethical rationale for objective function selection and fairness constraint choices in the Values-to-Design Matrix.",
       "Record data inclusion and exclusion decisions with explicit reference to the values they serve.",
       "Flag modeling tradeoffs (e.g., accuracy vs. fairness) as explicit matrix entries requiring ethics reviewer sign-off."
      ],
      "failure_signals": [
       "Modeling choices are documented only in technical terms without ethical rationale.",
       "Fairness constraints are applied without documented connection to organizational values.",
       "Accuracy-fairness tradeoffs are resolved without ethics reviewer involvement."
      ]
     },
     "grc_auditor": {
      "summary": "Values-to-Design Matrices are the audit trail demonstrating that ethics principles influenced actual design outcomes. Verify completeness, substantive rationale, and that matrices are current with system design.",
      "actions": [
       "Request Values-to-Design Matrices for a sample of AI systems and verify that each adopted ethics principle appears in at least one matrix entry.",
       "Confirm that matrices are version-controlled and that design changes are reflected in matrix updates.",
       "Verify that a named ethics reviewer approved each matrix before the system proceeded to engineering."
      ],
      "metrics": [
       "Matrix coverage rate: target 100% of AI systems in the high-risk inventory have a current matrix.",
       "Reviewer approval rate: target 100% of matrices have documented ethics reviewer sign-off.",
       "Principle traceability rate: target 100% of adopted principles appear in at least one system matrix."
      ],
      "failure_signals": [
       "AI systems in production without a Values-to-Design Matrix.",
       "Matrices not updated following significant design changes.",
       "Matrices approved without documented ethics reviewer involvement."
      ]
     },
     "business_stakeholder": {
      "summary": "Values-to-design mapping makes visible the tradeoffs being made between competing product objectives and ethical commitments. Engage with the process to ensure business priorities are weighed alongside ethics requirements and to understand what constraints apply to your product.",
      "actions": [
       "Participate in design reviews where Values-to-Design Matrices are presented.",
       "Escalate to the ethics officer if product constraints imposed by the matrix are not understood or appear disproportionate."
      ],
      "failure_signals": [
       "Business teams bypassing the design review gate where matrix completion is required.",
       "Product decisions overriding matrix-documented constraints without a formal exception process."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Values-to-design traceability is a mature practice in safety-critical engineering (DO-178C, IEC 61508) but is rarely applied to AI ethics. Adapting traceability methodology to ethical requirements is the primary implementation challenge."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "cloud-native"
    ],
    "implementers": [
     "AI Engineering Teams",
     "Ethics Office",
     "Product Management",
     "GRC Team"
    ],
    "frameworks": [
     {
      "framework": "ieee_7000",
      "requirement_id": "§7–§9",
      "fit": "direct",
      "rationale": "IEEE 7000-2021 is the primary standard for this control, providing a formal methodology for eliciting value requirements, translating them into ethical design criteria, and maintaining traceability from values through architecture to implementation. The Values-to-Design Matrix is a direct implementation of the IEEE 7000 traceability requirement.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§8.3",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 §8.3 requires that AI system design and development activities document how responsible AI objectives were considered and addressed. The Values-to-Design Matrix is the documentation artifact that satisfies this requirement by providing traceability from objectives to design decisions.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "MAP 1.1, MAP 2.2",
      "fit": "direct",
      "rationale": "NIST AI RMF MAP function requires that AI system context and risks are identified and that risk identification is traceable. Values-to-design mapping provides the traceability layer that connects organizational risk context (values and ethics commitments) to specific design-level risk decisions.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goals F1–F3 (Fairness); Goal T1 (System intelligibility)",
      "fit": "partial",
      "rationale": "Microsoft's Responsible AI Standard v2 requires that fairness and transparency principles be reflected in design decisions and documented in system artifacts. The Values-to-Design Matrix provides a structured mechanism for satisfying these documentation requirements, particularly for systems using Microsoft Azure AI services.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 9 (Risk Management), Art. 13 (Transparency)",
      "fit": "partial",
      "rationale": "The EU AI Act requires high-risk AI system providers to establish risk management systems and to document design decisions in technical documentation. Values-to-Design Matrices contribute to technical documentation completeness and demonstrate that ethics considerations were integrated into the design process.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "openai_model_spec",
      "requirement_id": "Stay in bounds — Try to prevent imminent real-world harm",
      "fit": "partial",
      "rationale": "The Model Spec's Stay in bounds section traces OpenAI's harm-avoidance commitment into concrete behavioral rules — including 'Try to prevent imminent real-world harm' — with worked examples showing how the value constrains model outputs in specific scenarios. This value-to-rule traceability is a vendor illustration of the mapping EF-02's Values-to-Design Traceability Matrix must capture for each organizational ethics commitment.",
      "normative_force": "best-practice",
      "source_version": "2025-12-18",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "anthropic_rsp",
      "requirement_id": "ASL-3 Deployment and Security Standards",
      "fit": "partial",
      "rationale": "The RSP v3.3 maps safety values to concrete design and operational constraints: the ASL-3 Deployment Standard and ASL-3 Security Standard specify the safeguards required once a Capability Threshold is reached. This traceability from stated value to threshold to required safeguard is the same structure EF-02's Values-to-Design Traceability Matrix captures for organizational ethics commitments; the RSP itself binds Anthropic, not deployers.",
      "normative_force": "best-practice",
      "source_version": "3.3",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — rigorous design, testing, monitoring, and safeguards",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to rigorous design, testing, monitoring, and safeguards in AI development. EF-02's Values-to-Design Traceability Matrix is the artifact that records how such pillar-level commitments are actually carried into design decisions, test criteria, and documented tradeoffs for each system.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "ibm_ai_fairness",
      "requirement_id": "Fairness metrics (demographic parity difference, equalized odds difference)",
      "fit": "partial",
      "rationale": "AIF360 is an open-source toolkit — not a normative standard — providing roughly 70 computable fairness metrics, including demographic parity difference and equalized odds difference. For EF-02, these metrics are directly usable as the evaluation-criterion entries when tracing organizational fairness values through to measurable design constraints.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/EF-02",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "Every AI system that has received design approval must have a Values-to-Design Traceability Matrix approved by a named ethics reviewer before engineering resources are allocated. Each matrix must contain at least one row per adopted organizational ethics principle, explicitly tracing that principle to a specific design decision, rejected alternative, rationale for the chosen approach, and the evaluation criterion used to verify alignment.",
    "evidence_required": [
     "values_to_design_matrix for each AI system with columns for principle, design_decision, rejected_alternative, rationale, and evaluation_criterion — version-controlled alongside system design documentation",
     "ethics_reviewer_approval_record identifying the named reviewer, sign-off date, and matrix version approved for each AI system",
     "design_review_gate_record showing the matrix was attached and approved before engineering phase commencement, with timestamps confirming pre-transition completion",
     "matrix_update_log recording dates, descriptions, and reviewer sign-off for changes made following significant post-approval design changes"
    ],
    "machine_tests": [
     "Query design review gate records for all AI systems that entered the engineering phase → assert each record has an attached values_to_design_matrix with status=approved and approval_date before engineering_start_date",
     "Parse all Values-to-Design Matrices in the portfolio → assert each adopted ethics principle from the Ethics Principles Register appears in at least one matrix row with a non-empty rationale field",
     "Check Values-to-Design Matrices for systems with documented design changes in the past 90 days → assert matrix last_updated_date is within 30 days of the design_change_date"
    ],
    "human_review": [
     "Review a sample of matrix entries for substantive content — verify that rationale fields articulate genuine tradeoffs rather than containing boilerplate assertions that do not distinguish between systems",
     "Confirm that ethics reviewer approval records were created before design phase gate closure and were not backdated after engineering had begun",
     "Assess whether data scientist modeling choices — objective functions, fairness constraints, data inclusion and exclusion decisions — are reflected in matrix entries with documented ethical rationale"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "certification-standard",
    "anti_patterns": [
     "Using identical boilerplate rationale text across all matrix rows and across multiple systems without documenting the specific tradeoff considered for each design decision",
     "Completing the Values-to-Design Matrix after engineering decisions have been made and treating it as retrospective documentation of foregone conclusions rather than as a decision-forcing mechanism",
     "Delegating matrix completion to project managers or compliance officers rather than to engineers and data scientists who made the actual design decisions and understand the tradeoffs",
     "Omitting model-level choices — objective function selection, regularization decisions, training data exclusions — from the matrix on the grounds that they are 'purely technical' rather than value-laden",
     "Restricting matrix coverage to features visible to end users while omitting internal architectural decisions — such as data pipeline design and model selection — that carry significant ethics implications"
    ],
    "update_status": "current",
    "layer_code": "EF"
   },
   {
    "id": "EF-03",
    "layer": "EF",
    "plane": "control",
    "name": "Ethical Risk Appetite Definition",
    "plain": "The organization must define and formally adopt an ethical risk appetite statement that specifies the types and levels of ethical harm it is unwilling to accept, the threshold conditions under which AI system deployment is blocked or restricted, and the governance authority responsible for granting exceptions.",
    "threat": {
     "tags": [
      "risk-appetite-vacuum",
      "deployment-without-threshold",
      "ethics-bypass",
      "ungoverned-exception"
     ],
     "desc": "Without a defined ethical risk appetite, every deployment decision defaults to ad-hoc judgment, making it impossible to apply consistent standards across systems or demonstrate that deployment decisions were principled rather than commercially motivated. High-risk systems proceed to production because no one has explicit authority to block them on ethical grounds. Exception requests lack a reference standard against which to evaluate whether an exception is permissible."
    },
    "standard": [
     {
      "id": "iso_42001",
      "section": "§6.1.1, §6.1.2",
      "title": "AI risk appetite and tolerance thresholds"
     },
     {
      "id": "nist_rmf",
      "section": "GOVERN 1.3, GOVERN 4.1",
      "title": "Risk tolerance and organizational risk posture"
     },
     {
      "id": "oecd_ai_principles",
      "section": "Principle 1.4",
      "title": "Robustness, security, and safety: defining acceptable risk levels"
     },
     {
      "id": "eu_ai_act",
      "section": "Art. 9(4)",
      "title": "Risk management: identification of known and foreseeable risks"
     }
    ],
    "sources": [
     {
      "id": "anthropic_rsp_2024",
      "title": "Anthropic Responsible Scaling Policy v3.3",
      "authority": "Anthropic, PBC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "3.3",
      "published_on": "2026-05-26",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.anthropic.com/responsible-scaling-policy",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "anthropic_rsp",
      "relationship": "informative_reference",
      "rationale": "Establishes Anthropic Responsible Scaling Policy v3.3 requirements informing the apeiris://ethics/controls/EF-03 Ethical Risk Appetite Definition control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "openai_model_spec_2024",
      "title": "OpenAI Model Specification",
      "authority": "OpenAI, L.L.C.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2024",
      "published_on": "2024-05-08",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://cdn.openai.com/spec/model-spec-2024-05-08.html",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "openai_model_spec_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes OpenAI Model Specification requirements informing the apeiris://ethics/controls/EF-03 Ethical Risk Appetite Definition control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/EF-03 Ethical Risk Appetite Definition control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/EF-03 Ethical Risk Appetite Definition control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "meta_llama_responsible_use_2024",
      "title": "Meta Llama Responsible Use Guide",
      "authority": "Meta Platforms, Inc.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2023",
      "published_on": "2023-07-18",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.llama.com/responsible-use-guide/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "meta_llama_responsible_use_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes Meta Llama Responsible Use Guide requirements informing the apeiris://ethics/controls/EF-03 Ethical Risk Appetite Definition control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Produce an Ethical Risk Appetite Statement as a board-approved policy document. The statement defines: (1) absolute prohibitions (zero-tolerance harms that block deployment unconditionally), (2) conditional tolerance bands (harms acceptable only with specified mitigations and time-bound review), (3) residual risk thresholds (maximum acceptable residual harm after mitigation), and (4) exception governance (who can grant exceptions, under what conditions, with what documentation). Review annually and upon significant regulatory change.",
     "steps": [
      "Establish a cross-functional risk appetite working group including the Ethics Officer, Legal Counsel, Risk Management, and business representatives to draft the initial statement.",
      "Define absolute prohibitions as a named list of harm types (e.g., covert behavioral manipulation, discriminatory denial of public services) against which no deployment exception is permissible.",
      "Specify conditional tolerance bands as harm types acceptable under defined mitigations, with maximum acceptable residual risk scores and mandatory review intervals.",
      "Define the exception governance process: who has authority to approve exceptions, what documentation is required, and what conditions trigger escalation to board level.",
      "Integrate the risk appetite statement into the AI Ethics Impact Assessment methodology so every assessment produces a verdict against the stated appetite."
     ],
     "ethics_officer": {
      "summary": "The Ethical Risk Appetite Statement is your primary governance instrument for blocking or conditioning deployments. Ensure absolute prohibitions are unambiguous and that exception authority is appropriately senior — ethics decisions should not be delegatable below a defined level.",
      "actions": [
       "Lead the annual review of the Ethical Risk Appetite Statement and present updates to the board for approval.",
       "Maintain a register of all exceptions granted against the risk appetite and report to the board quarterly.",
       "Escalate any deployment that would require an exception to absolute prohibitions — these should never be approved at the operational level."
      ],
      "failure_signals": [
       "Risk appetite statement not reviewed or board-reapproved in more than 12 months.",
       "Exceptions granted without documented rationale or senior governance sign-off.",
       "AI systems in production that would fail the absolute prohibition test under the current statement."
      ]
     },
     "legal_counsel": {
      "summary": "The Ethical Risk Appetite Statement must be legally defensible. Absolute prohibitions should map directly to legal prohibitions under applicable law. Conditional tolerances must not create implied warranties of safety that exceed the organization's actual capabilities.",
      "actions": [
       "Review the Ethical Risk Appetite Statement for legal consistency with EU AI Act Art. 5 prohibited practices, GDPR, and applicable sector regulations.",
       "Ensure the statement does not create liability exposure through overpromising harm prevention.",
       "Advise on the governance structure for exception authority to ensure appropriate delegation of authority documentation."
      ],
      "failure_signals": [
       "Risk appetite statement inconsistent with legal prohibitions under applicable law.",
       "Statement approved without legal review.",
       "Exception governance process lacks documented authority delegation."
      ]
     },
     "grc_auditor": {
      "summary": "Audit the Ethical Risk Appetite Statement for completeness, board approval, and operational integration. Verify that AI system deployments are evaluated against the statement and that exceptions are documented and authorized.",
      "actions": [
       "Verify that the current Ethical Risk Appetite Statement is board-approved and within its annual review cycle.",
       "Sample AI system deployment records and confirm that ethics impact assessment verdicts reference the risk appetite thresholds.",
       "Review the exception register for completeness and confirm all exceptions have appropriate governance sign-off."
      ],
      "metrics": [
       "Risk appetite statement currency: board-approved within the past 12 months.",
       "Deployment assessment alignment rate: target 100% of high-risk AI systems assessed against the risk appetite.",
       "Exception documentation rate: target 100% of exceptions have documented rationale and approval."
      ],
      "failure_signals": [
       "Risk appetite statement not board-approved or overdue for review.",
       "High-risk AI systems deployed without an ethics impact assessment referencing the risk appetite.",
       "Exception register incomplete or exceptions without documented approval authority."
      ]
     },
     "business_stakeholder": {
      "summary": "The Ethical Risk Appetite Statement defines the boundary conditions for what your business can build and deploy. Engage with the process early to understand constraints — overly restrictive thresholds that cannot be operationally justified will be circumvented, while thresholds set too loosely expose the organization.",
      "actions": [
       "Participate in the risk appetite working group to provide business context for harm tolerance thresholds.",
       "Review the statement's conditional tolerance provisions to understand what mitigations are required for systems in your domain.",
       "Escalate to the ethics officer if business requirements appear to conflict with absolute prohibitions before design investment is made."
      ],
      "failure_signals": [
       "Business units unaware of the organization's ethical risk appetite thresholds.",
       "Deployment decisions made without reference to the risk appetite statement.",
       "Conflicts between business requirements and absolute prohibitions not surfaced until late in the development cycle."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "managed",
     "notes": "Financial services organizations have mature risk appetite frameworks for financial and operational risk, but applying the same methodology to ethical risk is nascent. The key challenge is translating qualitative ethics commitments into quantifiable thresholds."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise"
    ],
    "implementers": [
     "Ethics Office",
     "Risk Management",
     "Legal Counsel",
     "Board/Executive Governance"
    ],
    "frameworks": [
     {
      "framework": "iso_42001",
      "requirement_id": "§6.1.1, §6.1.2",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 requires that organizations determine the risks and opportunities relevant to their AI management system and establish criteria for evaluating those risks, including acceptable risk levels. The Ethical Risk Appetite Statement is the primary artifact for satisfying the risk criteria requirement.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "GOVERN 1.3, GOVERN 4.1",
      "fit": "direct",
      "rationale": "NIST AI RMF GOVERN 1.3 requires that organizational risk tolerance for AI is defined and communicated, and GOVERN 4.1 requires that organizational risk posture is reflected in deployment decisions. The Ethical Risk Appetite Statement directly operationalizes both requirements.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 9(4), Art. 9(5)",
      "fit": "partial",
      "rationale": "EU AI Act Art. 9 requires that high-risk AI system providers identify known and foreseeable risks and estimate and evaluate those risks against defined acceptable risk levels. The Ethical Risk Appetite Statement provides the organizational risk level definitions that feed into Art. 9 risk management system requirements.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.4",
      "fit": "partial",
      "rationale": "OECD AI Principle 1.4 on robustness and safety requires that AI actors assess and manage the risks of AI systems throughout their lifecycle. Defining an ethical risk appetite provides the organizational baseline against which risk assessment verdicts are measured.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-06-29",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "acm_ethics",
      "requirement_id": "§1.2, §2.5",
      "fit": "adjacent",
      "rationale": "ACM Code of Ethics §1.2 requires computing professionals to avoid harm and §2.5 requires giving comprehensive and thorough evaluations of computer systems and their impacts. Defining an ethical risk appetite formalizes the organizational standard against which computing professionals apply these individual obligations.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-06-29",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "anthropic_rsp",
      "requirement_id": "Capability Thresholds and Required Safeguards",
      "fit": "adjacent",
      "rationale": "The RSP v3.3 is structurally an organizational risk appetite statement: Capability Thresholds define the capability levels Anthropic will not pass without specified safeguards, and Required Safeguards define the conditions under which continued training and deployment are acceptable. EF-03's Ethical Risk Appetite Statement uses the same architecture — defined thresholds, conditional tolerance, and governance authority for exceptions — applied to enterprise ethics rather than frontier-model capability risk. The RSP binds Anthropic only.",
      "normative_force": "best-practice",
      "source_version": "3.3",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "openai_model_spec",
      "requirement_id": "The chain of command; Stay in bounds",
      "fit": "partial",
      "rationale": "The Model Spec encodes OpenAI's risk appetite structurally: rules in Stay in bounds are constraints that no operator or user instruction can override, while chain-of-command defaults may be adjusted by operators within defined bounds. This split between non-negotiable prohibitions and configurable tolerance bands parallels the absolute-prohibition and conditional-tolerance structure an Ethical Risk Appetite Statement requires under EF-03.",
      "normative_force": "best-practice",
      "source_version": "2025-12-18",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goal A1 (Impact assessment); Goal A2 (Oversight of significant adverse impacts)",
      "fit": "partial",
      "rationale": "Microsoft's Responsible AI Standard v2 requires impact assessment processes that identify threshold conditions for deployment review, including sensitivity categorizations that define when additional scrutiny is required — directly analogous to the conditional tolerance bands in an Ethical Risk Appetite Statement. The Accountability goals require that oversight mechanisms are defined at appropriate governance levels, informing the exception governance structure that EF-03 mandates.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Bold innovation — pursuing AI where likely overall benefits substantially outweigh foreseeable risks; responsible development and deployment",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) frame organizational risk appetite directly: AI should be pursued where the likely overall benefits substantially outweigh the foreseeable risks, developed and deployed responsibly. EF-03's Ethical Risk Appetite Statement turns that benefit-risk posture into documented thresholds, tolerance bands, and exception governance an enterprise can audit.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "meta_llama_rai",
      "requirement_id": "Llama Acceptable Use Policy (separate document)",
      "fit": "partial",
      "rationale": "Meta's Llama models are licensed subject to the Llama Acceptable Use Policy — a separate document from the Responsible Use Guide (llama.com/use-policy) — which enumerates prohibited uses of the models. Organizations deploying Llama should fold the AUP's prohibited-use categories into their EF-03 risk appetite definitions, ensuring organizational thresholds are no less restrictive than the license-level prohibitions.",
      "normative_force": "best-practice",
      "source_version": "2023",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/EF-03",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "The organization must have a board-approved Ethical Risk Appetite Statement specifying at least one absolute prohibition (zero-tolerance harm type that unconditionally blocks deployment), at least one conditional tolerance band with a measurable residual risk threshold, and a documented exception governance process naming the authority level required to grant exceptions. Every high-risk AI system deployment decision must reference the applicable risk appetite tier in its documentation.",
    "evidence_required": [
     "ethical_risk_appetite_statement document with board_approval_record, approval_date, and version, containing an absolute_prohibitions list with named harm types and a conditional_tolerance_bands list with measurable residual_risk_thresholds",
     "exception_governance_process_document specifying who holds exception authority by harm category, required documentation for each exception request, and conditions that trigger escalation to board level",
     "ai_system_deployment_records for all high-risk systems linking each deployment decision to the applicable risk_appetite_tier and referencing the current statement version",
     "exception_register with each entry including system_id, harm_type, approver_role, approval_date, rationale, and next_review_date",
     "annual_review_completion_record with board re-approval date and change log for the current review cycle"
    ],
    "machine_tests": [
     "Retrieve Ethical Risk Appetite Statement → assert document has board_approval_date within past 12 months, at least one absolute_prohibition entry with non-null harm_type, and at least one conditional_tolerance entry with a numeric residual_risk_threshold",
     "Query AI system Ethics Impact Assessment records → assert each EIA verdict record contains a non-null risk_appetite_tier reference field mapping to the current statement version",
     "Pull exception register → assert each exception entry has required fields: system_id, harm_type, approver_role, approval_date, rationale, and review_date — and that no exception was approved below the authority level defined in the governance process document"
    ],
    "human_review": [
     "Assess whether absolute prohibitions are phrased with sufficient specificity to function as deployment gates — terms such as 'systems that could harm users' are not specific enough to apply consistently across systems",
     "Verify that the exception governance process assigns exception authority to a governance level appropriately senior for the risk category, and that Ethics Officer-level exceptions to absolute prohibitions are not permitted without board escalation",
     "Review conditional tolerance bands to confirm that residual risk thresholds are operationally measurable rather than qualitative descriptors that could be interpreted inconsistently across reviewers"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "certification-standard",
    "anti_patterns": [
     "Defining absolute prohibitions using vague language (e.g., 'systems that could cause harm') that cannot be applied consistently as a deployment gate and provides no actionable boundary for engineers or reviewers",
     "Allowing the Ethics Officer to approve exceptions to absolute prohibitions at the operational level without board or senior executive escalation, treating the highest-risk category the same as conditional tolerances",
     "Setting conditional tolerance bands as qualitative statements — such as 'low-risk uses are acceptable' — without specifying numeric or objectively measurable residual risk thresholds",
     "Treating the risk appetite statement as a standalone policy document disconnected from the EIA and intake processes, so deployment decisions are made without ever referencing the stated appetite",
     "Amending the risk appetite statement through 'interpretive guidance' memos without board re-approval, effectively changing organizational risk tolerance without the governance authority required to do so"
    ],
    "update_status": "current",
    "layer_code": "EF"
   },
   {
    "id": "EF-04",
    "layer": "EF",
    "plane": "lifecycle",
    "name": "Ethics Impact Assessment Framework",
    "plain": "The organization must maintain a formal, documented methodology for assessing ethical risks before AI system deployment and at defined intervals during operation — producing a structured verdict on whether the system meets the organization's ethical risk appetite and identifying required mitigations or conditional restrictions.",
    "threat": {
     "tags": [
      "ethics-assessment-gap",
      "unverified-harm-assumption",
      "deployment-without-review",
      "post-hoc-ethics"
     ],
     "desc": "Without a standardized ethics impact assessment methodology, harm evaluations are inconsistent across systems and reviewers, making it impossible to compare risk levels or demonstrate due diligence. Systems with significant potential for social harm proceed to deployment based on informal assurances. Post-deployment harm incidents cannot be attributed to a governance failure because no formal pre-deployment standard was ever established."
    },
    "standard": [
     {
      "id": "eu_ai_act",
      "section": "Art. 9, Art. 27 (FRIA)",
      "title": "Risk management system and fundamental rights impact assessment"
     },
     {
      "id": "iso_42001",
      "section": "§8.4, §9.1",
      "title": "Impact assessment and performance evaluation"
     },
     {
      "id": "nist_rmf",
      "section": "MAP 5.1, MEASURE 2.11",
      "title": "Likelihood and impact assessment; fairness and bias evaluation"
     },
     {
      "id": "ieee_7000",
      "section": "§10",
      "title": "Ethical risk assessment methodology"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/EF-04 Ethics Impact Assessment Framework control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "ibm_ai_fairness_360_2021",
      "title": "IBM AI Fairness 360 (AIF360)",
      "authority": "IBM Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2018",
      "published_on": "2018-09-19",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://github.com/Trusted-AI/AIF360",
      "license": "open-source-apache2",
      "status": "current",
      "flagship": false,
      "source_id": "ibm_ai_fairness_360_2021",
      "relationship": "informative_reference",
      "rationale": "Establishes IBM AI Fairness 360 (AIF360) requirements informing the apeiris://ethics/controls/EF-04 Ethics Impact Assessment Framework control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "anthropic_rsp_2024",
      "title": "Anthropic Responsible Scaling Policy v3.3",
      "authority": "Anthropic, PBC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "3.3",
      "published_on": "2026-05-26",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.anthropic.com/responsible-scaling-policy",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "anthropic_rsp",
      "relationship": "informative_reference",
      "rationale": "Establishes Anthropic Responsible Scaling Policy v3.3 requirements informing the apeiris://ethics/controls/EF-04 Ethics Impact Assessment Framework control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "openai_model_spec_2024",
      "title": "OpenAI Model Specification",
      "authority": "OpenAI, L.L.C.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2024",
      "published_on": "2024-05-08",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://cdn.openai.com/spec/model-spec-2024-05-08.html",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "openai_model_spec_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes OpenAI Model Specification requirements informing the apeiris://ethics/controls/EF-04 Ethics Impact Assessment Framework control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/EF-04 Ethics Impact Assessment Framework control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "meta_llama_responsible_use_2024",
      "title": "Meta Llama Responsible Use Guide",
      "authority": "Meta Platforms, Inc.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2023",
      "published_on": "2023-07-18",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.llama.com/responsible-use-guide/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "meta_llama_responsible_use_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes Meta Llama Responsible Use Guide requirements informing the apeiris://ethics/controls/EF-04 Ethics Impact Assessment Framework control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "plot4ai",
      "title": "PLOT4ai — Practical Library Of Threats 4 AI",
      "authority": "PLOT4ai",
      "source_type": "community",
      "normative_force": "best-practice",
      "version": "1.0",
      "published_on": "2022-01-01",
      "retrieved_on": "2026-07-08",
      "canonical_url": "https://plot4.ai/library",
      "relationship": "supporting_guidance",
      "note": "PLOT4ai Ethics & Human Rights threat category informs the ethics impact assessment framework."
     }
    ],
    "implementation": {
     "pattern": "Define an Ethics Impact Assessment (EIA) methodology with: (1) a structured questionnaire covering all adopted ethics principles and harm categories, (2) a scoring rubric that produces a residual risk score mapped against the organizational risk appetite, (3) a verdict taxonomy (approved / approved-with-conditions / deferred-pending-mitigation / blocked), and (4) a documentation package template that constitutes the audit trail. Run the EIA at: system design gate, pre-deployment gate, and annually for deployed systems.",
     "steps": [
      "Define the EIA questionnaire with sections mapped to each adopted ethics principle, covering: harm identification, affected population analysis, fairness and discrimination risk, autonomy and consent implications, and accountability mechanisms.",
      "Develop a scoring rubric that produces a residual risk score on a defined scale and maps score ranges to the organizational risk appetite statement thresholds.",
      "Define the EIA verdict taxonomy and specify the governance authority required for each verdict type, including who can approve 'approved-with-conditions' verdicts and who must approve exceptions.",
      "Integrate EIA as a required gate in the AI development lifecycle — systems that have not completed an EIA cannot proceed to pre-production or production deployment.",
      "Maintain a registry of all EIA verdicts with version-controlled documentation packages and require re-assessment whenever the system's use case, data inputs, or affected populations change materially."
     ],
     "ethics_officer": {
      "summary": "The EIA methodology is the operational core of your ethics governance program. Ensure it is substantive — a questionnaire that produces genuine risk scores rather than compliance theater. Review all EIAs for high-risk systems personally before verdict is issued.",
      "actions": [
       "Own and maintain the EIA methodology, updating the questionnaire annually and whenever new harm categories are identified.",
       "Review and countersign all EIA verdicts for systems classified as high-risk under the organizational risk appetite.",
       "Analyze EIA outcomes across the portfolio to identify systemic ethics risks and report trends to leadership quarterly."
      ],
      "failure_signals": [
       "AI systems in production without a completed and signed EIA.",
       "EIA verdicts issued without ethics officer review for high-risk systems.",
       "EIA questionnaire not updated in more than 18 months despite new regulatory guidance."
      ]
     },
     "data_scientist": {
      "summary": "The EIA requires technical input that only you can provide: model behavior characterization, fairness metric results, data provenance, and uncertainty quantification. Treat EIA completion as part of your delivery responsibility, not as a bureaucratic add-on.",
      "actions": [
       "Complete the technical sections of the EIA questionnaire, including model performance disaggregated by demographic group, known failure modes, and data lineage.",
       "Provide fairness metric results (e.g., equalized odds, demographic parity, calibration) with interpretation in plain language for ethics reviewers.",
       "Flag any model behaviors observed during testing that were not anticipated in the EIA questionnaire and raise them with the ethics officer."
      ],
      "failure_signals": [
       "EIA technical sections completed without fairness metric results.",
       "Model failure modes not documented in the EIA.",
       "EIA completed without data provenance information."
      ]
     },
     "grc_auditor": {
      "summary": "EIA completion is a required deployment gate. Audit for coverage, methodology consistency, and verdict governance compliance across the AI system portfolio.",
      "actions": [
       "Maintain an inventory of all AI systems and verify that each has a current EIA within the required review cycle.",
       "Sample EIA documentation packages and verify that scoring is consistent with the methodology rubric.",
       "Verify that verdict governance requirements were met: appropriate sign-off authority for each verdict type."
      ],
      "metrics": [
       "EIA completion rate: target 100% of AI systems in the production inventory have a current EIA.",
       "EIA currency rate: target 100% of EIAs within the required annual review cycle.",
       "Verdict governance compliance rate: target 100% of verdicts with documented appropriate sign-off."
      ],
      "failure_signals": [
       "Production AI systems without a current EIA.",
       "EIA verdicts without appropriate governance sign-off.",
       "EIA methodology not applied consistently — different scoring rubrics used by different reviewers."
      ]
     },
     "legal_counsel": {
      "summary": "The EIA is your primary legal due diligence artifact for AI system deployments. Ensure the methodology covers fundamental rights impact assessment requirements under EU AI Act Art. 27 and that outputs are retained under appropriate document preservation policies.",
      "actions": [
       "Review the EIA questionnaire for completeness against EU AI Act FRIA requirements and GDPR Data Protection Impact Assessment obligations where applicable.",
       "Ensure EIA documentation packages are retained under legal hold-compatible document management processes.",
       "Advise on verdict documentation language to ensure it does not create unintended legal admissions."
      ],
      "failure_signals": [
       "EIA methodology does not cover fundamental rights impact assessment as required under EU AI Act Art. 27.",
       "EIA documentation not retained under appropriate preservation policy.",
       "Verdict language creating inadvertent legal admissions of harm."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Data Protection Impact Assessments under GDPR have established a mature precedent that organizations can adapt. The primary gap is extending DPIAs to cover broader ethical harms beyond privacy, including fairness, autonomy, and dignity impacts."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise",
     "multi-tenant"
    ],
    "implementers": [
     "Ethics Office",
     "AI Engineering Teams",
     "Legal Counsel",
     "Risk Management"
    ],
    "frameworks": [
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 9, Art. 27",
      "fit": "direct",
      "rationale": "EU AI Act Art. 9 mandates that high-risk AI system providers implement a risk management system throughout the lifecycle, and Art. 27 introduces the Fundamental Rights Impact Assessment requirement for certain deployers. The EIA methodology directly satisfies these requirements when scoped to cover fundamental rights, safety, and fairness harms.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§8.4, §9.1",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 §8.4 requires impact assessments for AI systems and §9.1 requires performance evaluation against responsible AI objectives. The EIA methodology satisfies both by providing a structured pre-deployment and in-operation assessment process with documented verdicts.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "MAP 5.1, MEASURE 2.11",
      "fit": "direct",
      "rationale": "NIST AI RMF MAP 5.1 requires that the likelihood and magnitude of AI risks are estimated and MEASURE 2.11 requires that fairness and bias are evaluated and results demonstrated. The EIA questionnaire and scoring rubric directly implement these MAP and MEASURE requirements.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "§10",
      "fit": "direct",
      "rationale": "IEEE 7000-2021 §10 provides a formal ethical risk assessment methodology including harm identification, severity assessment, and mitigation specification. The EIA questionnaire design should draw directly on IEEE 7000 §10 harm categories and assessment criteria.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principles 1.3, 1.4",
      "fit": "partial",
      "rationale": "OECD AI Principles require that AI actors assess and manage safety and robustness risks, and that transparency and explainability are evaluated. The EIA methodology operationalizes these requirements as structured assessment criteria that every AI system must satisfy before deployment.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-06-29",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goal A1 (Impact assessment)",
      "fit": "direct",
      "rationale": "Microsoft's Responsible AI Standard v2 explicitly mandates Impact Assessment as a required activity, with defined goals, required stakeholder roles, and documentation outputs — making it the most directly aligned vendor framework for the Ethics Impact Assessment Framework control. Microsoft's impact assessment guidance covers harm identification, affected population analysis, and mitigation planning, providing a vendor-published methodology template that organizations can adapt for their own EIA questionnaire and scoring rubric under EF-04.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "ibm_ai_fairness",
      "requirement_id": "Fairness metrics (~70 dataset- and model-level metrics)",
      "fit": "partial",
      "rationale": "AIF360 provides computable dataset- and model-level fairness metrics that populate the technical fairness section of an Ethics Impact Assessment. As a batch evaluation library it supports the pre-deployment assessment EF-04 requires; in-operation assessment means scheduling repeated metric runs, since the toolkit has no built-in continuous-monitoring service.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "anthropic_rsp",
      "requirement_id": "Risk Reports (capability and safeguards assessment before deployment)",
      "fit": "partial",
      "rationale": "Under RSP v3.3, Anthropic prepares Risk Reports assessing whether models have crossed Capability Thresholds and whether Required Safeguards are satisfied before deployment decisions are made. This evaluation-before-deployment discipline parallels EF-04's Ethics Impact Assessment gate; organizations deploying Anthropic models can treat the published capability and safeguard framing as an input to their own EIA technical sections.",
      "normative_force": "best-practice",
      "source_version": "3.3",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "openai_model_spec",
      "requirement_id": "Stay in bounds — Try to prevent imminent real-world harm",
      "fit": "partial",
      "rationale": "The Model Spec's Stay in bounds rules define the classes of real-world harm OpenAI's models must not facilitate, providing a published harm-category vocabulary that can seed the harm-identification section of an Ethics Impact Assessment questionnaire under EF-04. The spec addresses model behavior rather than deployment assessment, so it informs the EIA's technical inputs without satisfying the assessment obligation itself.",
      "normative_force": "best-practice",
      "source_version": "2025-12-18",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to due diligence and feedback mechanisms so that AI is developed and deployed with its impacts understood. An Ethics Impact Assessment methodology under EF-04 is the structured due-diligence instrument that examines fundamental rights, safety, and fairness impacts before deployment and in operation.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "meta_llama_rai",
      "requirement_id": "Model-level alignment — Evaluate and improve performance; Red teaming",
      "fit": "partial",
      "rationale": "The Llama Responsible Use Guide's model-level alignment guidance — evaluating and improving performance and red-teaming for safety issues — describes the pre-release assessment applied to Llama models and recommended for downstream products. EF-04 EIA methodologies for Llama-based systems should incorporate these evaluation and red-teaming practices as technical inputs, calibrated against the foundation model's documented risk profile.",
      "normative_force": "best-practice",
      "source_version": "2023",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/EF-04",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "Every AI system in the production inventory must have a completed Ethics Impact Assessment using the organization's documented methodology, producing a structured verdict from the approved verdict taxonomy before initial deployment and within the annual review cycle thereafter. Each EIA must include fairness metric results disaggregated by demographic group, data provenance documentation, and an explicit verdict mapped against the organization's Ethical Risk Appetite Statement tiers.",
    "evidence_required": [
     "ethics_impact_assessment document with methodology_version, completed_questionnaire, residual_risk_score, risk_appetite_tier mapping, and structured_verdict (approved / approved-with-conditions / deferred-pending-mitigation / blocked)",
     "fairness_metric_results_report showing model performance disaggregated by demographic group using at least two metrics (equalized odds, demographic parity, calibration, or individual fairness) as required by the EIA questionnaire",
     "eia_governance_approval_record showing verdict_issuer, ethics_officer_countersignature for high-risk systems, and approval_date confirmed before production deployment",
     "eia_registry entry for each production AI system with current_assessment_date and next_review_date within 12 months",
     "fundamental_rights_impact_assessment artifact for EU-deployed high-risk systems satisfying Art. 27 requirements, integrated into or attached to the EIA documentation package"
    ],
    "machine_tests": [
     "Query AI system production inventory → assert each system_id has an eia_registry entry with current_assessment_date within 365 days of today",
     "Parse EIA documents for high-risk systems → assert each contains a verdict field from the approved taxonomy and a non-null risk_appetite_tier field matching a tier in the current Ethical Risk Appetite Statement version",
     "Check EIA governance approval records for high-risk systems → assert each has an ethics_officer_countersignature with countersignature_date before the system's production_deployment_date"
    ],
    "human_review": [
     "Review a sample of EIA scoring rubric applications to verify that residual risk scores reflect genuine assessment rather than consistently clustering in low-risk tiers regardless of system characteristics or affected population vulnerability",
     "Verify that the EIA questionnaire covers all harm categories in the organizational Ethical Risk Appetite Statement and includes fundamental rights categories required by EU AI Act Art. 27 for applicable systems",
     "Assess whether fairness metric results are interpreted in plain language for ethics reviewers rather than presented as raw numbers without contextual explanation of what the metrics mean for the affected population"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Running the EIA only at the deployment stage after all architectural, training data, and feature design decisions have been made, making remediation prohibitively costly and the assessment retrospective rather than preventive",
     "Using a scoring rubric with ranges so wide that the vast majority of systems score in the approved tier regardless of actual risk characteristics, defeating the purpose of the quantitative scoring mechanism",
     "Issuing approved-with-conditions EIA verdicts without creating a tracking record to verify that required conditions were actually implemented before deployment rather than deferred indefinitely",
     "Allowing data scientists to complete all technical EIA sections without independent review, enabling self-certification of complex fairness claims that ethics reviewers lack the technical background to challenge",
     "Treating the EU AI Act FRIA as a separate compliance exercise from the EIA rather than integrating FRIA requirements into the EIA questionnaire so both are satisfied through a single assessment"
    ],
    "update_status": "current",
    "layer_code": "EF"
   },
   {
    "id": "EF-05",
    "layer": "EF",
    "plane": "control",
    "name": "EU AI Act Prohibited Practices Governance (Art. 5)",
    "plain": "The organization must maintain controls ensuring that no AI system it develops, deploys, or procures falls within the EU AI Act's prohibited practices definitions under Article 5, including subliminal manipulation, exploitation of vulnerabilities, social scoring by public authorities, real-time remote biometric identification in public spaces without exception, and other enumerated prohibitions.",
    "threat": {
     "tags": [
      "prohibited-practice-deployment",
      "regulatory-noncompliance",
      "fundamental-rights-violation",
      "subliminal-manipulation"
     ],
     "desc": "Violations of EU AI Act Art. 5 prohibited practices are not administrative infringements — they constitute the most severe category of EU AI Act breach, attracting fines up to €35 million or 7% of global annual turnover. Organizations that develop or deploy prohibited AI practices face criminal referral in certain jurisdictions and mandatory market withdrawal. The prohibited practices definitions also overlap with fundamental rights violations under the EU Charter, creating compounded legal exposure."
    },
    "standard": [
     {
      "id": "eu_ai_act",
      "section": "Art. 5",
      "title": "EU AI Act Prohibited AI Practices"
     },
     {
      "id": "eu_charter",
      "section": "Art. 1, 3, 8, 21",
      "title": "EU Charter: human dignity, bodily integrity, data protection, non-discrimination"
     },
     {
      "id": "iso_42001",
      "section": "§8.4",
      "title": "Responsible AI use controls and prohibited use identification"
     },
     {
      "id": "oecd_ai_principles",
      "section": "Principle 1.2",
      "title": "Human-centred values and respect for fundamental rights"
     }
    ],
    "sources": [
     {
      "id": "openai_model_spec_2024",
      "title": "OpenAI Model Specification",
      "authority": "OpenAI, L.L.C.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2024",
      "published_on": "2024-05-08",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://cdn.openai.com/spec/model-spec-2024-05-08.html",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "openai_model_spec_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes OpenAI Model Specification requirements informing the apeiris://ethics/controls/EF-05 EU AI Act Prohibited Practices Governance (Art. 5) control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "meta_llama_responsible_use_2024",
      "title": "Meta Llama Responsible Use Guide",
      "authority": "Meta Platforms, Inc.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2023",
      "published_on": "2023-07-18",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.llama.com/responsible-use-guide/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "meta_llama_responsible_use_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes Meta Llama Responsible Use Guide requirements informing the apeiris://ethics/controls/EF-05 EU AI Act Prohibited Practices Governance (Art. 5) control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/EF-05 EU AI Act Prohibited Practices Governance (Art. 5) control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/EF-05 EU AI Act Prohibited Practices Governance (Art. 5) control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Maintain a Prohibited Practices Register that enumerates each EU AI Act Art. 5 prohibition with the organization's legal interpretation of scope and applicability. Each AI system under development, deployment, or procurement must be screened against the register at intake. Systems with characteristics that match or approach prohibited practice definitions are escalated to Legal Counsel and the Ethics Officer for a formal Art. 5 clearance determination before resources are allocated.",
     "steps": [
      "Publish a Prohibited Practices Register that maps each Art. 5 prohibition to its key definitional elements, with the organization's legal interpretation of scope and applicability to its AI portfolio.",
      "Integrate a mandatory Art. 5 screening questionnaire into the AI system intake process — any system that triggers a 'potential match' flag is automatically escalated to Legal and Ethics before proceeding.",
      "Establish a formal Art. 5 Clearance Process for flagged systems: legal opinion, ethics officer review, and documented clearance or rejection within 10 business days.",
      "Audit the existing AI system portfolio against the Art. 5 register on a defined schedule (at minimum annually and upon any EU AI Act regulatory update).",
      "Ensure procurement and vendor management processes include Art. 5 compliance representations as a contractual requirement for all AI system vendors."
     ],
     "ethics_officer": {
      "summary": "Art. 5 is a bright-line prohibition — there are no exceptions for commercial value or operational necessity. Your role is to ensure the organization never reaches the point of deploying a prohibited system through proactive screening, not reactive compliance.",
      "actions": [
       "Own the Prohibited Practices Register and update it within 30 days of any Art. 5 regulatory guidance or implementing act publication.",
       "Review and co-sign all Art. 5 Clearance determinations alongside Legal Counsel.",
       "Report any system that receives a clearance determination to the board or appropriate governance committee within the reporting cycle."
      ],
      "failure_signals": [
       "Prohibited Practices Register not updated following regulatory guidance updates.",
       "AI systems proceeding past intake without an Art. 5 screening record.",
       "Art. 5 Clearance determinations issued without ethics officer involvement."
      ]
     },
     "legal_counsel": {
      "summary": "Art. 5 violations carry the highest penalty tier under the EU AI Act. Ensure the organization's interpretive guidance on each prohibition is legally defensible and consistent with regulatory guidance from the EAIA and national supervisory authorities.",
      "actions": [
       "Draft and maintain legal interpretation guidance for each Art. 5 prohibition, updated following any EAIA or national authority guidance.",
       "Lead the Art. 5 Clearance Process for flagged systems and issue written legal opinion.",
       "Ensure vendor contracts include Art. 5 compliance representations and audit rights."
      ],
      "failure_signals": [
       "Legal interpretation guidance not updated following EAIA guidance publications.",
       "Vendor contracts lacking Art. 5 compliance provisions.",
       "Art. 5 Clearance determinations without written legal opinion."
      ]
     },
     "grc_auditor": {
      "summary": "Audit the Art. 5 screening process for coverage and completeness across the AI portfolio. Verify that the Prohibited Practices Register is current, that all systems have screening records, and that flagged systems received appropriate clearance determinations.",
      "actions": [
       "Verify that the Prohibited Practices Register is current and reflects the latest Art. 5 regulatory guidance.",
       "Sample AI system intake records and confirm that Art. 5 screening was completed for each system.",
       "Review Art. 5 Clearance Process records for completeness and appropriate sign-off."
      ],
      "metrics": [
       "Art. 5 screening coverage rate: target 100% of AI systems in the intake registry have a screening record.",
       "Clearance process completion rate: target 100% of flagged systems have a documented clearance determination.",
       "Register currency: updated within 30 days of any Art. 5 regulatory guidance publication."
      ],
      "failure_signals": [
       "AI systems in production without an Art. 5 screening record.",
       "Prohibited Practices Register not updated following regulatory guidance.",
       "Vendor contracts lacking Art. 5 compliance provisions."
      ]
     },
     "business_stakeholder": {
      "summary": "Art. 5 prohibitions are absolute — systems that fall within them cannot be deployed regardless of business value. Engage with the screening process early to avoid significant investment in systems that will not clear the Art. 5 review.",
      "actions": [
       "Review the Prohibited Practices Register before committing to AI system design or procurement involving behavioral influence, biometric analysis, or vulnerability exploitation use cases.",
       "Escalate to Legal and Ethics immediately if a business requirement appears to conflict with any Art. 5 prohibition."
      ],
      "failure_signals": [
       "Business teams unaware of Art. 5 prohibitions relevant to their AI use cases.",
       "Significant development investment made in systems that subsequently fail Art. 5 clearance."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Art. 5 became fully applicable in February 2025. Most organizations have conducted initial gap assessments but have not yet operationalized systematic screening into their AI intake processes. Biometric and behavioral AI use cases are highest-risk."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "eu-high-risk-ai",
     "universal-enterprise",
     "high-risk-sector",
     "multi-tenant"
    ],
    "implementers": [
     "Legal Counsel",
     "Ethics Office",
     "AI Governance Team",
     "Procurement"
    ],
    "frameworks": [
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 5",
      "fit": "direct",
      "rationale": "This control is specifically designed to operationalize EU AI Act Art. 5 prohibited practices compliance. Every element of the Prohibited Practices Register, screening process, and clearance determination is structured to demonstrate that the organization has implemented systematic controls to prevent deployment of Art. 5 prohibited systems.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "eu_charter",
      "requirement_id": "Art. 1, 3, 8, 21",
      "fit": "direct",
      "rationale": "The EU AI Act Art. 5 prohibitions are grounded in fundamental rights obligations under the EU Charter — specifically human dignity (Art. 1), bodily integrity (Art. 3), data protection (Art. 8), and non-discrimination (Art. 21). Compliance with Art. 5 is compliance with these Charter obligations in the AI context.",
      "normative_force": "binding-law",
      "source_version": "2012/C 326/02",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.2",
      "fit": "partial",
      "rationale": "OECD AI Principle 1.2 requires that AI systems respect human rights and democratic values. The EU AI Act Art. 5 prohibitions are a legal instantiation of these principles, and complying with Art. 5 demonstrates adherence to OECD Principle 1.2 in the most sensitive harm categories.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-06-29",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§8.4",
      "fit": "partial",
      "rationale": "ISO/IEC 42001:2023 §8.4 requires that organizations identify and implement controls for responsible AI use, including identifying uses that are prohibited or restricted by policy or regulation. The Prohibited Practices Register and screening process directly satisfy this requirement for the highest-risk category of AI uses.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "acm_ethics",
      "requirement_id": "§1.1, §1.2, §2.5",
      "fit": "adjacent",
      "rationale": "The ACM Code of Ethics requires computing professionals to contribute to society and human wellbeing (§1.1), avoid harm (§1.2), and respect privacy (§2.5). These principles provide a professional ethics backstop that reinforces the legal obligations under Art. 5 for technical practitioners involved in AI system design.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-06-29",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "openai_model_spec",
      "requirement_id": "Stay in bounds — Don't facilitate the targeted manipulation of political views; The chain of command — Platform-level (root) instructions",
      "fit": "partial",
      "rationale": "The Model Spec's Stay in bounds section prohibits facilitating the targeted manipulation of political views, and its chain of command places platform-level (root) instructions above any operator or user request, so restricted behaviors cannot be unlocked downstream. These provisions overlap with EU AI Act Art. 5 concerns about manipulative techniques, and organizations building on OpenAI models should map the spec's root-level restrictions against Art. 5 categories in their Prohibited Practices Register.",
      "normative_force": "best-practice",
      "source_version": "2025-12-18",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "meta_llama_rai",
      "requirement_id": "Llama Acceptable Use Policy (separate document)",
      "fit": "direct",
      "rationale": "The Llama Acceptable Use Policy (a separate document from the Responsible Use Guide) prohibits categories of use — including violence, exploitation of vulnerable individuals, and unlawful manipulation — that overlap with EU AI Act Art. 5 prohibited practices. Organizations deploying Llama models must incorporate the AUP's prohibitions into their Prohibited Practices Register so vendor license prohibitions are screened alongside regulatory ones.",
      "normative_force": "best-practice",
      "source_version": "2023",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goal A2 (Oversight of significant adverse impacts — Sensitive Uses); Goals F1–F3 (Fairness)",
      "fit": "partial",
      "rationale": "Microsoft's Responsible AI Standard v2 identifies categories of sensitive AI use that require additional review, including uses with potential for discrimination, manipulation, or surveillance — categories that overlap with EU AI Act Art. 5 prohibited practices. Microsoft's sensitivity categorization framework provides a screening methodology that complements the Art. 5 Prohibited Practices Register screening process, particularly for identifying systems approaching but not clearly within prohibited use categories.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — alignment with widely accepted principles of international law and human rights",
      "fit": "partial",
      "rationale": "Google's 2025 AI Principles commit to developing and deploying AI in alignment with widely accepted principles of international law and human rights; the 2025 revision retired the 2018 list of 'applications we will not pursue.' EF-05 prohibited-practices screening for organizations using Google AI services must therefore rest on the current human-rights alignment commitment plus the binding EU AI Act Art. 5 enumeration, rather than on the withdrawn application exclusions.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/EF-05",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "Every AI system developed, deployed, or procured by the organization must have an Art. 5 screening record confirming evaluation against the current Prohibited Practices Register before intake resources were allocated. Any system that triggers a potential-match flag must have a formal Art. 5 Clearance determination with written legal opinion and ethics officer countersignature completed within 10 business days of the flag before any further development, deployment, or procurement proceeds.",
    "evidence_required": [
     "prohibited_practices_register document version-controlled with last_updated_date within 30 days of any EAIA or national supervisory authority Art. 5 guidance publication, mapping each Art. 5(1) prohibition to its definitional elements and organizational legal interpretation",
     "art_5_screening_record for each AI system in the intake registry, including screening_date, register_version_used, screener_identity, and screening_outcome (clear / potential-match / deferred)",
     "art_5_clearance_determination document for flagged systems including written_legal_opinion, ethics_officer_countersignature, determination_date within 10 business days of flag_date, and determination outcome (cleared / rejected)",
     "vendor_contract_art_5_compliance_provisions confirming Art. 5 compliance representations and audit rights in contracts for all AI system vendors",
     "annual_portfolio_audit_record showing Art. 5 re-screening completion date for all production systems against the current register version"
    ],
    "machine_tests": [
     "Query AI system intake registry → assert each system_id has an art_5_screening_record with screening_date before any engineering budget commitment date or procurement order date",
     "Retrieve Prohibited Practices Register metadata → assert last_updated_date is either within 30 days of the most recent EAIA guidance publication or no relevant EAIA guidance has been published since the last update",
     "Query intake registry for systems with screening_outcome=potential-match → assert each has an art_5_clearance_determination with determination_date within 10 business days of the system's flag_date"
    ],
    "human_review": [
     "Assess whether the legal interpretation guidance for each Art. 5(1) prohibition is legally defensible and consistent with current EAIA regulatory guidance — particularly for subliminal manipulation and vulnerability exploitation categories, which have the broadest definitional ambiguity",
     "Review the vendor contract portfolio to verify that Art. 5 compliance representations and audit rights are present in contracts for all AI system vendors, not only contracts entered after the EU AI Act application date",
     "Evaluate whether the Art. 5 screening questionnaire prompts reviewers to consider how system features combine to produce prohibited effects, rather than evaluating features in isolation and missing emergent prohibited practice patterns"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Applying Art. 5 screening only to new AI systems in the intake pipeline while not auditing production systems that were deployed before the Art. 5 screening process was established",
     "Interpreting Art. 5 prohibitions narrowly by evaluating individual system features in isolation rather than assessing whether feature combinations produce prohibited effects at the system level",
     "Treating Art. 5 clearance as a purely legal exercise without ethics officer co-review, leaving non-legal harm dimensions — dignity, autonomy, social harm — unassessed in the clearance determination",
     "Relying exclusively on vendor representations of Art. 5 compliance rather than independently screening the deployed system against the organization's own Prohibited Practices Register",
     "Updating the Prohibited Practices Register only when the regulatory text changes rather than when regulatory guidance, implementing acts, or national supervisory authority positions clarify how existing prohibitions apply"
    ],
    "update_status": "current",
    "layer_code": "EF"
   },
   {
    "id": "EF-06",
    "layer": "EF",
    "plane": "lifecycle",
    "name": "Ethics-by-Design Integration in Development Lifecycle",
    "plain": "The organization must embed formal ethics review gates into the AI system development and deployment lifecycle, ensuring that ethics considerations are evaluated at each major phase — requirements, design, development, testing, and deployment — and that systems cannot advance past a gate without documented ethics review completion.",
    "threat": {
     "tags": [
      "ethics-bolt-on",
      "late-stage-ethics-failure",
      "ungated-development",
      "review-bypass"
     ],
     "desc": "Ethics reviews conducted only at deployment are structurally unable to prevent harm — by that point, architectural decisions, training data choices, and feature designs that embed ethical risk have been made and are prohibitively expensive to reverse. Late-stage ethics failures result in either deploying harmful systems or abandoning significant investment. Gates bypassed under schedule pressure create systemic gaps in the governance record and eliminate the organization's ability to demonstrate due diligence."
    },
    "standard": [
     {
      "id": "iso_42001",
      "section": "§8.3",
      "title": "AI system design and development responsible AI integration"
     },
     {
      "id": "ieee_7000",
      "section": "§5–§11",
      "title": "Ethics-by-design process integration across system engineering lifecycle"
     },
     {
      "id": "nist_rmf",
      "section": "MAP 1.6, GOVERN 1.7",
      "title": "AI lifecycle integration and governance embedding"
     },
     {
      "id": "eu_ai_act",
      "section": "Art. 9, Art. 17",
      "title": "Risk management system lifecycle integration and quality management"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/EF-06 Ethics-by-Design Integration in Development Lifecycle control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/EF-06 Ethics-by-Design Integration in Development Lifecycle control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "anthropic_rsp_2024",
      "title": "Anthropic Responsible Scaling Policy v3.3",
      "authority": "Anthropic, PBC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "3.3",
      "published_on": "2026-05-26",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.anthropic.com/responsible-scaling-policy",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "anthropic_rsp",
      "relationship": "informative_reference",
      "rationale": "Establishes Anthropic Responsible Scaling Policy v3.3 requirements informing the apeiris://ethics/controls/EF-06 Ethics-by-Design Integration in Development Lifecycle control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "ibm_ai_fairness_360_2021",
      "title": "IBM AI Fairness 360 (AIF360)",
      "authority": "IBM Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2018",
      "published_on": "2018-09-19",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://github.com/Trusted-AI/AIF360",
      "license": "open-source-apache2",
      "status": "current",
      "flagship": false,
      "source_id": "ibm_ai_fairness_360_2021",
      "relationship": "informative_reference",
      "rationale": "Establishes IBM AI Fairness 360 (AIF360) requirements informing the apeiris://ethics/controls/EF-06 Ethics-by-Design Integration in Development Lifecycle control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "meta_llama_responsible_use_2024",
      "title": "Meta Llama Responsible Use Guide",
      "authority": "Meta Platforms, Inc.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2023",
      "published_on": "2023-07-18",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.llama.com/responsible-use-guide/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "meta_llama_responsible_use_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes Meta Llama Responsible Use Guide requirements informing the apeiris://ethics/controls/EF-06 Ethics-by-Design Integration in Development Lifecycle control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Define an AI Ethics Gate Matrix that specifies, for each lifecycle phase, the ethics review activities required, the artifacts that must be produced, the approval authority required to advance, and the conditions that trigger escalation. Gates are enforced through project management system controls — no phase transition ticket can be closed without ethics gate artifacts attached and approved. The gate matrix is published as policy and reviewed annually.",
     "steps": [
      "Define the AI development lifecycle phases used by the organization and assign at least one ethics gate to each phase.",
      "For each gate, specify: required review activities, artifact deliverables (e.g., completed Values-to-Design Matrix, EIA, prohibited practice screening record), approval authority, and escalation conditions.",
      "Integrate gates into the project management system so that phase transition workflows require ethics artifact attachment and electronic approval before advancement is permitted.",
      "Train AI development teams on the ethics gate requirements and provide template artifacts and review guidance for each gate.",
      "Monitor gate bypass rates and escalate any gate bypass to the ethics officer and project governance within 24 hours."
     ],
     "ethics_officer": {
      "summary": "Ethics-by-design is only effective if gates have teeth. Ensure that project management system controls are configured to require ethics gate completion — a process that can be bypassed under schedule pressure is not a gate, it is a suggestion.",
      "actions": [
       "Own the AI Ethics Gate Matrix and update it annually or when new risk categories emerge.",
       "Review bypass logs monthly and investigate any pattern of gate bypasses in a single team or project.",
       "Report gate completion metrics and bypass incidents to governance leadership quarterly."
      ],
      "failure_signals": [
       "AI systems advancing lifecycle phases without ethics gate artifact records.",
       "Gate bypass rate exceeds zero without documented escalation and approval.",
       "Ethics gate artifacts completed after phase transition rather than before."
      ]
     },
     "data_scientist": {
      "summary": "Ethics gates in the development phase apply directly to your work: model architecture choices, dataset selection, fairness constraint specification, and testing methodology. Treat gate artifacts as part of your technical deliverables, not as separate compliance tasks.",
      "actions": [
       "Complete the required ethics gate artifacts for the development and testing phases alongside your technical deliverables.",
       "Raise ethics concerns encountered during development through the gate escalation process rather than resolving them informally.",
       "Ensure that fairness testing results are documented in gate artifacts before the pre-deployment gate."
      ],
      "failure_signals": [
       "Ethics gate artifacts for development phase missing fairness testing results.",
       "Ethics concerns raised informally without creating gate escalation records.",
       "Development phase gate completed without data provenance documentation."
      ]
     },
     "grc_auditor": {
      "summary": "Ethics-by-design gates are the primary evidence that ethics was integrated into the development process rather than applied retrospectively. Audit gate completion rates, artifact quality, and bypass incident records.",
      "actions": [
       "Audit a sample of AI system project records and verify that all lifecycle phases have documented ethics gate completion artifacts.",
       "Review bypass incident records for completeness and confirm that each bypass received appropriate escalation and approval.",
       "Assess artifact quality for a sample of gate completions — verify that artifacts are substantive, not boilerplate."
      ],
      "metrics": [
       "Gate completion rate: target 100% of lifecycle phase transitions have associated ethics gate artifacts.",
       "Bypass incident rate: target 0 unauthorized bypasses per quarter.",
       "Artifact substantive quality: assessed through periodic review by ethics officer on a sampled basis."
      ],
      "failure_signals": [
       "Lifecycle phase transitions without ethics gate artifact records.",
       "Bypass incidents not escalated or without documented approval.",
       "Gate artifacts that are clearly boilerplate and do not reflect genuine ethics review."
      ]
     },
     "business_stakeholder": {
      "summary": "Ethics-by-design gates add time to each lifecycle phase. Engage with the ethics office early to understand gate requirements for your project and plan timelines accordingly. Gate delays caused by substantive ethics concerns are early warning signals that should shift design investment, not be dismissed as governance overhead.",
      "actions": [
       "Include ethics gate review time in project planning from the outset.",
       "Treat gate escalations as priority design issues requiring immediate attention, not as compliance delays.",
       "Escalate resource constraints that are causing ethics gate quality degradation to project governance."
      ],
      "failure_signals": [
       "Project timelines do not include ethics gate review time allocations.",
       "Ethics gate escalations treated as bureaucratic delays rather than substantive design issues.",
       "Ethics gate artifacts completed by project managers rather than qualified ethics reviewers."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Security-by-design is a mature discipline with established tooling and process integration. Ethics-by-design is 3–5 years behind in organizational maturity. The primary implementation pattern is to adapt existing security review gate infrastructure to include ethics review checkpoints."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "cloud-native",
     "federated-enterprise"
    ],
    "implementers": [
     "Ethics Office",
     "AI Engineering Teams",
     "Project Management",
     "Product Management"
    ],
    "frameworks": [
     {
      "framework": "ieee_7000",
      "requirement_id": "§5–§11",
      "fit": "direct",
      "rationale": "IEEE 7000-2021 defines an ethics-by-design process that integrates ethical analysis across the entire system engineering lifecycle from concept through deployment. The AI Ethics Gate Matrix directly implements the IEEE 7000 phase-by-phase ethics integration model.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§8.3",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 §8.3 requires that AI system impact assessment and responsible AI considerations are integrated into AI system design and development processes. Ethics-by-design gates are the implementation mechanism for this requirement across the development lifecycle.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "MAP 1.6, GOVERN 1.7",
      "fit": "direct",
      "rationale": "NIST AI RMF MAP 1.6 requires that AI risk management is integrated into organizational processes and GOVERN 1.7 requires that the AI lifecycle is documented and that governance processes are applied across it. Ethics-by-design gates are the governance mechanism that satisfies these requirements.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 9, Art. 17",
      "fit": "partial",
      "rationale": "EU AI Act Art. 9 requires a risk management system integrated throughout the lifecycle and Art. 17 requires a quality management system covering the design and development process. Ethics-by-design gates contribute to satisfying both requirements by embedding documented ethics review into each lifecycle phase.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goal A2 (requirement A2.2 — Sensitive Uses review)",
      "fit": "partial",
      "rationale": "Microsoft Responsible AI Standard v2 Goal A2 (requirement A2.2) requires a Sensitive Uses review for AI systems with potential for significant impact on individuals or groups. Ethics-by-design gates formalize and extend this requirement across the full lifecycle rather than applying it only at the deployment stage.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — rigorous design, testing, monitoring, and safeguards",
      "fit": "direct",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to rigorous design, testing, monitoring, and safeguards across development and deployment — safety and ethics built in rather than retrofitted. EF-06's lifecycle ethics gates give that commitment enforceable form, embedding documented ethics review at each development phase.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "anthropic_rsp",
      "requirement_id": "Capability Thresholds and Required Safeguards (evaluation-gated scaling)",
      "fit": "partial",
      "rationale": "The RSP v3.3 creates lifecycle gates by requiring capability assessment and safeguard verification before models are trained further or deployed once thresholds are approached. This mandatory-gate-at-milestone pattern, with documented outcomes required before progression, is the same structure EF-06's ethics-by-design gates implement across an enterprise AI development lifecycle. The RSP's gates bind Anthropic's own development process.",
      "normative_force": "best-practice",
      "source_version": "3.3",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "ibm_ai_fairness",
      "requirement_id": "Bias mitigation algorithms and pipeline-stage metric checks",
      "fit": "partial",
      "rationale": "AIF360 integrates into ML development pipelines as importable metric and mitigation components, so fairness evaluation can be scripted as a mandatory checkpoint at training, validation, and pre-deployment stages. EF-06's testing-stage ethics gates can require documented AIF360 metric outputs as gate artifacts for fairness assessment.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "meta_llama_rai",
      "requirement_id": "Responsible LLM product development stages; Model-level alignment — Evaluate and improve performance",
      "fit": "partial",
      "rationale": "The Responsible Use Guide organizes its guidance around responsible LLM product development stages, recommending safety evaluation and mitigation work at each stage from use-case definition through deployment. EF-06's lifecycle ethics gates give those stage-level recommendations enforceable form in an enterprise development process, with gate artifacts recording the evaluations the guide recommends.",
      "normative_force": "best-practice",
      "source_version": "2023",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "owasp_ai_exchange",
      "requirement_id": "modelalignment",
      "fit": "adjacent",
      "rationale": "EF-06 embeds ethics gates across the development lifecycle so system behavior is shaped toward intended values, a governance analogue to AI Exchange's technical MODEL ALIGNMENT.",
      "normative_force": "industry-framework",
      "source_version": "continuously-updated",
      "reviewed_on": "2026-07-08",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "mitre",
      "requirement_id": "AML.M0021",
      "fit": "supporting",
      "direction": "control-supports-requirement",
      "rationale": "Control \"Every AI system development project must have a complete set of ethics gate artifacts…\" enacts ATLAS mitigation AML.M0021 Generative AI Guidelines; OpenCRE crosswalks this control’s OWASP AI Exchange concept (modelalignment) to this mitigation.",
      "source_version": "v2026.06",
      "reviewed_on": "2026-07-08",
      "source_status": "authoritative",
      "mapping_confidence": "medium",
      "legal_status": "not-applicable",
      "control_readiness": "approved",
      "implementation_maturity": "developing",
      "assurance_result": "not-assessed",
      "evidence_status": "no-evidence",
      "normative_force": "industry-framework",
      "basis": "asserted",
      "relation": "equivalent_to",
      "correction": "ap38-opencre-enhancement 2026-07-08"
     },
     {
      "framework": "mitre",
      "requirement_id": "AML.M0022",
      "fit": "supporting",
      "direction": "control-supports-requirement",
      "rationale": "Control \"Every AI system development project must have a complete set of ethics gate artifacts…\" enacts ATLAS mitigation AML.M0022 Generative AI Model Alignment; OpenCRE crosswalks this control’s OWASP AI Exchange concept (modelalignment) to this mitigation.",
      "source_version": "v2026.06",
      "reviewed_on": "2026-07-08",
      "source_status": "authoritative",
      "mapping_confidence": "medium",
      "legal_status": "not-applicable",
      "control_readiness": "approved",
      "implementation_maturity": "developing",
      "assurance_result": "not-assessed",
      "evidence_status": "no-evidence",
      "normative_force": "industry-framework",
      "basis": "asserted",
      "relation": "equivalent_to",
      "correction": "ap38-opencre-enhancement 2026-07-08"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/EF-06",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "Every AI system development project must have a complete set of ethics gate artifacts approved for each lifecycle phase before the project advanced to the subsequent phase. The project management system must show zero unauthorized phase transitions — defined as any phase advancement record without an attached and approved ethics gate artifact — across the AI development portfolio in the current reporting period.",
    "evidence_required": [
     "ai_ethics_gate_matrix policy document defining required activities, artifact deliverables, approval authority, and escalation conditions for each lifecycle phase, reviewed and approved within the past 12 months",
     "phase_transition_records for each AI system project showing ethics gate artifact attachments and approval timestamps confirmed before the phase_transition_date for every phase",
     "gate_bypass_incident_log with entries for any bypass occurrence including system_id, phase, reason, escalation_record, and named approver — target zero unauthorized entries per quarter",
     "ethics_gate_artifact_set for each phase including the phase-required subset of: values_to_design_matrix, ethics_impact_assessment record, art_5_screening_record, and fairness_testing_results per the gate matrix specification"
    ],
    "machine_tests": [
     "Query project management system phase transition records for all AI development projects in the past quarter → assert each transition record has at least one ethics gate artifact attachment with approval_date before transition_date",
     "Check gate_bypass_incident_log entries → assert zero entries with bypass_type=unauthorized (i.e., no escalation record or missing approver field)",
     "Pull pre-deployment phase ethics gate artifacts for all systems deployed in the past 12 months → assert each includes an eia_record with verdict and an art_5_screening_record with screening_outcome"
    ],
    "human_review": [
     "Review a sample of development-phase ethics gate artifacts for substantive quality — assess whether fairness testing results and values-to-design entries reflect genuine analytical work rather than checkbox completion",
     "Verify that gate bypass incident detection and escalation occurred within the 24-hour requirement by comparing incident_timestamp fields to escalation_notification_timestamp fields in bypass incident records",
     "Assess whether development-phase gate artifacts are completed by engineers and data scientists with direct knowledge of the design decisions, or delegated to project managers or compliance personnel without appropriate technical ethics expertise"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "voluntary-standard",
    "anti_patterns": [
     "Attaching ethics gate artifacts to phase transition tickets after the fact with backdated approval timestamps to show pre-transition completion that did not actually occur",
     "Treating ethics gates as documentation requirements that project managers complete rather than as substantive review activities requiring qualified ethics and technical expertise",
     "Configuring project management system gate controls to allow override by project managers under 'emergency' conditions without mandatory ethics officer involvement or escalation logging",
     "Applying ethics-by-design gates only to externally-facing AI systems while exempting internal tools, infrastructure models, and developer-facing AI capabilities from the gate process",
     "Reusing ethics gate artifacts from a prior system version for a materially updated system without documenting what changed and re-assessing whether prior artifact conclusions remain valid"
    ],
    "update_status": "current",
    "layer_code": "EF"
   },
   {
    "id": "EF-07",
    "layer": "EF",
    "plane": "lifecycle",
    "name": "External Ethics Stakeholder Engagement",
    "plain": "The organization must maintain a structured program for engaging external stakeholders — including civil society organizations, affected communities, independent ethics experts, and domain specialists — in the assessment of AI system ethics impacts, with documented engagement outcomes that inform design and deployment decisions.",
    "threat": {
     "tags": [
      "internal-echo-chamber",
      "affected-community-exclusion",
      "ethics-blindspot",
      "governance-insularity"
     ],
     "desc": "Internal ethics review processes are structurally limited by the perspectives of organizational insiders who share cultural, professional, and economic biases. AI systems that affect communities the organization has no representation from routinely produce unidentified harms because no one in the review process had lived experience with those impacts. Absence of external stakeholder engagement is increasingly scrutinized by regulators and courts as evidence that the organization did not exercise adequate due diligence in identifying foreseeable harms."
    },
    "standard": [
     {
      "id": "oecd_ai_principles",
      "section": "Principle 1.5",
      "title": "Accountability: inclusive stakeholder participation in AI governance"
     },
     {
      "id": "un_ethics_ai",
      "section": "¶47",
      "title": "Multi-stakeholder and adaptive governance"
     },
     {
      "id": "eu_ai_act",
      "section": "Art. 27, Recital 96",
      "title": "Fundamental rights impact assessment and affected person consultation"
     },
     {
      "id": "nist_rmf",
      "section": "GOVERN 1.2, MAP 1.5",
      "title": "Diverse stakeholder perspectives in AI governance"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/EF-07 External Ethics Stakeholder Engagement control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/EF-07 External Ethics Stakeholder Engagement control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Establish a formal External Ethics Stakeholder Engagement Program with three tiers: (1) an ongoing External Ethics Advisory Panel (domain experts and civil society representatives, meeting quarterly), (2) system-specific community consultation for AI systems affecting defined vulnerable or marginalized populations (conducted before deployment), and (3) ad-hoc expert consultation for novel ethics questions without established organizational guidance. Document all engagement outcomes and create a formal feedback loop into the EIA process.",
     "steps": [
      "Establish an External Ethics Advisory Panel with diverse composition: minimum one civil society representative, one academic ethics expert, one domain specialist per major AI application area, and one representative of a community affected by the organization's AI systems.",
      "Define the engagement protocol for system-specific community consultation: when it is required (triggered by affected population analysis in the EIA), how it is conducted, how outcomes are documented, and how they influence design decisions.",
      "Publish an annual External Ethics Stakeholder Engagement Report summarizing engagement activities, outcomes, and how feedback was incorporated into AI governance decisions.",
      "Create a formal feedback loop mechanism where external stakeholder concerns are tracked in the AI governance system and assigned to responsible owners for response.",
      "Compensate external stakeholders appropriately for their time and expertise — unpaid consultation programs disproportionately exclude representatives of affected communities with fewer economic resources."
     ],
     "ethics_officer": {
      "summary": "External stakeholder engagement is not a communications exercise — it is a risk identification process. Treat adverse feedback from affected communities as high-priority risk signals that require design response, not as public relations challenges to be managed.",
      "actions": [
       "Chair the External Ethics Advisory Panel and ensure meeting agendas include substantive review of current AI system ethics questions.",
       "Determine which AI systems require system-specific community consultation based on affected population analysis.",
       "Report external stakeholder engagement outcomes to leadership and document how feedback was incorporated into AI governance decisions."
      ],
      "failure_signals": [
       "External Ethics Advisory Panel has not met within the past quarter.",
       "AI systems affecting vulnerable populations deployed without community consultation.",
       "External stakeholder feedback documented but no evidence of incorporation into design or policy decisions."
      ]
     },
     "legal_counsel": {
      "summary": "Documented external stakeholder engagement demonstrates due diligence in harm identification and is increasingly required by regulation. Ensure engagement programs are structured to produce legally usable evidence of consultation, not just process records.",
      "actions": [
       "Review the External Ethics Stakeholder Engagement Program design for consistency with FRIA requirements under EU AI Act Art. 27 and national guidance.",
       "Ensure engagement documentation is retained under appropriate legal hold and document preservation policies.",
       "Advise on how to structure community consultation to produce evidence of genuine consultation rather than nominal compliance."
      ],
      "failure_signals": [
       "Engagement program not structured to satisfy FRIA consultation requirements.",
       "Engagement documentation not retained under appropriate preservation policy.",
       "Consultation conducted after deployment decisions are finalized — nominal rather than genuine."
      ]
     },
     "grc_auditor": {
      "summary": "External stakeholder engagement must produce documented outcomes that demonstrably influence governance decisions. Audit for engagement completeness, outcome documentation quality, and feedback incorporation evidence.",
      "actions": [
       "Verify that the External Ethics Advisory Panel has met on schedule and that meeting records are retained.",
       "Sample AI systems that triggered community consultation requirements and verify that consultation was conducted before deployment.",
       "Review the annual External Ethics Stakeholder Engagement Report for completeness and verify that feedback incorporation is documented."
      ],
      "metrics": [
       "Advisory Panel meeting schedule compliance: target 100% of required meetings held and documented.",
       "Community consultation completion rate: target 100% of systems requiring consultation consulted before deployment.",
       "Feedback incorporation documentation rate: target 100% of material external feedback has documented organizational response."
      ],
      "failure_signals": [
       "Advisory Panel meetings missed without rescheduling.",
       "AI systems requiring community consultation deployed without documented consultation.",
       "Annual Engagement Report not published or feedback incorporation not documented."
      ]
     },
     "business_stakeholder": {
      "summary": "External stakeholder engagement provides market intelligence as well as ethics governance value. Community concerns about AI systems are leading indicators of regulatory and reputational risk that business leaders need to understand early.",
      "actions": [
       "Participate in briefings from the External Ethics Advisory Panel on concerns relevant to your business domain.",
       "Flag to the ethics officer when AI systems in your domain will affect communities not represented in the current Advisory Panel composition."
      ],
      "failure_signals": [
       "Business units unaware of external stakeholder concerns relevant to their AI systems.",
       "Affected community concerns treated as communications problems rather than design problems."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Most organizations have external advisory boards for general AI governance but lack structured community consultation programs for specific AI systems. The gap between advisory panel and affected community consultation is the primary maturity shortfall."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise"
    ],
    "implementers": [
     "Ethics Office",
     "Communications and Policy",
     "Legal Counsel",
     "Product Leadership"
    ],
    "frameworks": [
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.5",
      "fit": "direct",
      "rationale": "OECD AI Principle 1.5 requires that organizations foster inclusive stakeholder participation in AI governance and that those affected by AI systems have meaningful input into governance decisions. The External Ethics Stakeholder Engagement Program directly operationalizes this accountability principle.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-06-29",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "un_ethics_ai",
      "requirement_id": "¶47 (Multi-stakeholder and adaptive governance)",
      "fit": "direct",
      "rationale": "UNESCO Recommendation ¶47 calls for multi-stakeholder participation in AI governance, including affected communities and civil society. The tiered External Ethics Stakeholder Engagement Program is designed to give that participatory-governance expectation operational form.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 27, Recital 96",
      "fit": "partial",
      "rationale": "EU AI Act Art. 27 FRIA requirements and Recital 96 guidance indicate that meaningful consultation of affected persons and their representatives is expected as part of the fundamental rights impact assessment process. The community consultation tier of this control directly satisfies that expectation.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "GOVERN 1.2, MAP 1.5",
      "fit": "partial",
      "rationale": "NIST AI RMF GOVERN 1.2 requires that diverse perspectives and stakeholder input inform AI governance decisions, and MAP 1.5 requires that affected communities are considered in AI risk identification. External stakeholder engagement directly satisfies these requirements.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§4.2, §9.3",
      "fit": "partial",
      "rationale": "ISO/IEC 42001:2023 §4.2 requires that the needs and expectations of interested parties are determined and that relevant stakeholder requirements are understood. §9.3 management review requirements include consideration of stakeholder feedback. The External Ethics Stakeholder Engagement Program provides the systematic mechanism for satisfying both requirements.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goal I1 (Inclusiveness — accessibility standards); Goals A1–A5 (Accountability)",
      "fit": "partial",
      "rationale": "Microsoft's Responsible AI Standard v2 Inclusiveness requirements specifically address designing AI systems with input from diverse communities, including those historically underrepresented or likely to be affected by AI outcomes. The Accountability goals require mechanisms for external feedback and affected party engagement in system governance. These requirements align directly with the External Ethics Stakeholder Engagement Program's community consultation and Advisory Panel tiers in EF-07.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms; Bold innovation — benefiting people and society",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to feedback mechanisms aligned with user goals and social responsibility, and the Bold innovation pillar centers benefits to people and society. Both imply structured engagement with affected communities and external stakeholders, which EF-07's External Ethics Stakeholder Engagement Program operationalizes.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/EF-07",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "The organization must have an active External Ethics Advisory Panel holding documented quarterly meetings, and every AI system whose Ethics Impact Assessment triggered community consultation requirements must have a consultation record completed with documented outcomes before that system's production deployment date. All material external stakeholder feedback must have a documented organizational response assigned to a named owner in the stakeholder feedback registry.",
    "evidence_required": [
     "external_ethics_advisory_panel_meeting_records for each quarterly meeting including date, attendees, agenda items, and outcomes_summary confirming at least 4 meetings in the past 12 months",
     "advisory_panel_composition_record confirming minimum diversity: civil society representative, academic ethics expert, affected community representative, and domain specialist per major AI application area",
     "community_consultation_records for each AI system that triggered consultation requirements, including consultation_method, participant_communities, date_completed, outcomes_summary, and design_response_record — all with date_completed before production_deployment_date",
     "stakeholder_feedback_registry with each material feedback item including owner_name, response_status, and target_resolution_date",
     "annual_external_ethics_stakeholder_engagement_report summarizing engagement activities, outcomes, and documented feedback incorporation decisions with distinction between incorporated, rejected-with-rationale, and pending-review feedback"
    ],
    "machine_tests": [
     "Query advisory panel meeting records → assert at least 4 meeting records exist in the past 365 days, each with non-null attendees list (minimum 3 members) and outcomes_summary field",
     "Cross-reference AI systems with community_consultation_required=true in their EIA records against consultation completion records → assert each required consultation has a date_completed before the system's production_deployment_date",
     "Query stakeholder_feedback_registry → assert each feedback entry has a non-null owner_name field and status is either resolved or in-progress with a non-null target_date"
    ],
    "human_review": [
     "Review community consultation records to verify that consultations were substantively consultative — assess whether design decisions in the system's gate artifacts reflect feedback received, or whether feedback was documented without identifiable organizational response",
     "Verify that the External Ethics Advisory Panel composition includes genuine representatives of communities affected by the organization's AI systems rather than proxy representatives selected for organizational convenience or prior relationship",
     "Assess whether the annual Engagement Report distinguishes between feedback that was incorporated into governance decisions, feedback that was rejected with documented rationale, and feedback still under active consideration — reject reports that only list activities without outcomes"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "voluntary-standard",
    "anti_patterns": [
     "Establishing an External Ethics Advisory Panel composed exclusively of academic and industry experts without civil society or affected community representation, creating structural bias toward perspectives that share organizational economic interests",
     "Conducting community consultation after deployment decisions are finalized and architectural choices are locked, making consultation outcomes unable to influence design and rendering the process nominally compliant rather than genuinely participatory",
     "Selecting affected community representatives based on organizational convenience — such as existing customer advisory board members — rather than on proximity to and lived experience with the AI system's potential harms",
     "Documenting external stakeholder engagement activities without maintaining a feedback registry that tracks whether and how each piece of material feedback was incorporated into governance decisions, making feedback loops unverifiable",
     "Routing external stakeholder concerns to communications or public affairs teams rather than to the ethics officer, treating community feedback as a reputational risk to be managed rather than a risk identification signal to be acted upon"
    ],
    "update_status": "current",
    "layer_code": "EF"
   },
   {
    "id": "EF-08",
    "layer": "EF",
    "plane": "both",
    "name": "Ethics Foundations Evidence Package",
    "plain": "The organization must compile and maintain a complete, version-controlled evidence package demonstrating that ethical foundations are adopted, operationalized, and under active review — aggregating key artifacts from EF-01 through EF-07 into a structured package suitable for regulatory submission, audit, and external assurance purposes.",
    "threat": {
     "tags": [
      "evidence-fragmentation",
      "audit-readiness-gap",
      "attestation-failure",
      "governance-documentation-loss"
     ],
     "desc": "Ethics governance artifacts produced across the EF layer are often stored in disparate systems by different teams, making it impossible to assemble a coherent evidence package under audit or regulatory inquiry timelines. Fragmented evidence creates the appearance of incomplete governance even when individual controls are well-executed. Regulatory inquiries that cannot be satisfied with timely, coherent evidence packages are treated as governance failures regardless of whether the underlying controls were sound."
    },
    "standard": [
     {
      "id": "iso_42001",
      "section": "§7.5, §9.2",
      "title": "Documented information management and internal audit evidence"
     },
     {
      "id": "eu_ai_act",
      "section": "Art. 11, Art. 18",
      "title": "Technical documentation and record keeping"
     },
     {
      "id": "nist_rmf",
      "section": "GOVERN 4.2",
      "title": "Documentation and communication of AI risks and impacts"
     },
     {
      "id": "oecd_ai_principles",
      "section": "Principle 1.5",
      "title": "Accountability and transparency documentation"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/EF-08 Ethics Foundations Evidence Package control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/EF-08 Ethics Foundations Evidence Package control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Define an Ethics Foundations Evidence Package (EFEP) specification that lists the required artifact types from EF-01 through EF-07, the currency requirements for each, the format and storage location requirements, and the assembly and review process. Maintain a standing EFEP for the organization's overall ethics governance posture and a system-specific EFEP for each AI system in the production inventory. Review and certify the organizational EFEP quarterly; system EFEPs are updated at each EIA cycle.",
     "steps": [
      "Define the EFEP specification: list required artifacts from each EF control, currency requirements (e.g., Ethics Principles Register reviewed within 12 months), format requirements, and storage location.",
      "Implement a governance document management repository with automated currency tracking that flags artifacts approaching or exceeding their review deadlines.",
      "Assign a named EFEP owner (typically the Chief AI Ethics Officer or delegate) responsible for assembly, completeness review, and certification.",
      "Establish a quarterly EFEP review cycle: the EFEP owner reviews completeness, flags expired artifacts for renewal, and produces a signed completeness certification.",
      "Maintain an EFEP audit trail — every artifact addition, update, and certification event is logged with timestamp and actor identity to support forensic review."
     ],
     "ethics_officer": {
      "summary": "The EFEP is your proof of governance — the artifact that demonstrates that ethics commitments are not just stated but operationalized, documented, and maintained. Sign the quarterly completeness certification only when you have personally verified that each required artifact is current and substantive.",
      "actions": [
       "Certify the organizational EFEP quarterly after reviewing each component artifact for currency and substantive completeness.",
       "Escalate to governance leadership any quarter where the EFEP cannot be certified due to missing or expired artifacts.",
       "Maintain the EFEP in a state that could be submitted to a regulator within 48 hours of request."
      ],
      "failure_signals": [
       "EFEP not certified within the current quarterly cycle.",
       "Component artifacts expired beyond their required review cycle.",
       "EFEP cannot be assembled within 48 hours of a regulatory inquiry due to fragmentation across systems."
      ]
     },
     "legal_counsel": {
      "summary": "The EFEP is a legal document package. Ensure it satisfies EU AI Act Art. 11 technical documentation requirements, is retained under appropriate legal hold policies, and that certification language does not create unintended legal representations.",
      "actions": [
       "Review the EFEP specification to ensure it covers EU AI Act Art. 11 technical documentation requirements and Art. 18 record-keeping obligations.",
       "Ensure EFEP artifacts are retained under legal hold-compatible preservation policies.",
       "Review quarterly certification language for legal sufficiency and absence of inadvertent representations."
      ],
      "failure_signals": [
       "EFEP does not cover Art. 11 technical documentation requirements.",
       "EFEP artifacts not retained under appropriate preservation policy.",
       "Certification language creating inadvertent legal admissions."
      ]
     },
     "grc_auditor": {
      "summary": "The EFEP is the primary artifact for EF-layer audit. Verify completeness against the EFEP specification, artifact currency, and that quarterly certifications are signed and retained. Sample component artifacts for substantive quality.",
      "actions": [
       "Verify that the organizational EFEP is complete against the EFEP specification and that all component artifacts are within their required review cycle.",
       "Confirm that quarterly EFEP certifications are signed by the designated certifying authority and retained.",
       "Sample component artifacts (e.g., EIA verdicts, Values-to-Design Matrices, Art. 5 screening records) for substantive quality and governance compliance."
      ],
      "metrics": [
       "EFEP completeness rate: target 100% of required artifacts present and within currency requirements.",
       "Quarterly certification compliance rate: target 100% of required certification cycles completed on schedule.",
       "Artifact currency rate: target 100% of component artifacts within their required review cycle at time of audit."
      ],
      "failure_signals": [
       "EFEP missing required component artifacts.",
       "Quarterly certifications not completed or not signed by designated authority.",
       "Component artifacts expired beyond their review cycle at time of audit."
      ]
     },
     "data_scientist": {
      "summary": "System-specific EFEPs include technical artifacts you produce: fairness test results, model cards, data provenance documentation, and EIA technical sections. Ensure these artifacts are stored in the designated EFEP repository, not only in project-local storage.",
      "actions": [
       "Store fairness testing results, model cards, and EIA technical sections in the designated EFEP repository rather than project-local systems.",
       "Notify the EFEP owner when technical artifacts are updated following model changes so the system EFEP can be refreshed.",
       "Review the EFEP specification to understand which technical artifacts you are responsible for producing."
      ],
      "failure_signals": [
       "Technical artifacts stored only in project-local systems not accessible for EFEP assembly.",
       "Model changes not triggering EFEP technical artifact updates.",
       "Fairness test results not included in system EFEP."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "managed",
     "notes": "Most organizations can produce ethics governance artifacts in response to specific requests but do not maintain a standing, continuously current evidence package. The shift to proactive EFEP maintenance is a significant operational change requiring tooling and process investment."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise",
     "cloud-native"
    ],
    "implementers": [
     "Ethics Office",
     "GRC Team",
     "Legal Counsel",
     "AI Engineering Teams"
    ],
    "frameworks": [
     {
      "framework": "iso_42001",
      "requirement_id": "§7.5, §9.2",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 §7.5 requires that documented information required for the AI management system is controlled, maintained, and retained appropriately. §9.2 requires that internal audits produce documented evidence of conformance. The EFEP is the primary controlled documentation artifact satisfying these requirements.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 11, Art. 18",
      "fit": "direct",
      "rationale": "EU AI Act Art. 11 requires that high-risk AI system providers maintain comprehensive technical documentation, and Art. 18 requires that documentation be retained for 10 years following system availability on the market. The EFEP is structured to satisfy these retention and completeness requirements.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "GOVERN 4.2",
      "fit": "direct",
      "rationale": "NIST AI RMF GOVERN 4.2 requires organizational teams to document the risks and potential impacts of the AI systems they develop and deploy, and to communicate about those impacts. The EFEP is the ethics-domain documentation artifact that satisfies this documentation and communication requirement.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.5",
      "fit": "partial",
      "rationale": "OECD AI Principle 1.5 requires accountability mechanisms that allow AI actors to demonstrate that their AI systems comply with applicable standards and that harm prevention measures are in place. The EFEP is the accountability documentation mechanism that enables this demonstration.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-06-29",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "acm_ethics",
      "requirement_id": "§2.3, §3.7",
      "fit": "adjacent",
      "rationale": "ACM Code of Ethics §2.3 requires that computing professionals know and respect existing rules pertaining to professional work and §3.7 requires that organizational leaders ensure procedures protecting members' ethical concerns are in place. The EFEP provides the documented evidence that these professional obligations are being systematically met.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-06-29",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goals A1–A5 (Accountability); Goal T2 (Communication to stakeholders)",
      "fit": "partial",
      "rationale": "Microsoft's Responsible AI Standard v2 Accountability goals require that responsible AI decisions are documented, that decision records are retained, and that documentation supports review and accountability — directly informing the artifact types that the Ethics Foundations Evidence Package (EFEP) should aggregate. The Transparency requirements mandate that AI system stakeholders can access relevant information about governance decisions, which the EFEP's structured documentation supports.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to human oversight and due diligence in AI development and deployment. EF-08's Ethics Foundations Evidence Package is the organized, externally reviewable record that demonstrates such due diligence was actually performed — the evidence layer that makes principle commitments verifiable.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/EF-08",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "The ethics governance evidence package must be complete, version-controlled, and retrievable within regulatory inquiry timelines, demonstrating that all EF-01 through EF-07 artifacts are current, co-located in a structured store, and have been reviewed within the past review cycle.",
    "evidence_required": [
     "ethics_evidence_package_manifest listing each constituent artifact (EF-01 through EF-07) with version, sha256_hash, artifact_owner, and last_reviewed_date",
     "version_control_history showing at least one complete revision cycle for the package with review sign-off in the trailing 12 months",
     "retrieval_test_record demonstrating the full package was assembled within the required retrieval time window (e.g., 24 hours) during a simulated audit exercise",
     "regulatory_submission_receipt or equivalent record confirming the package was delivered to an external auditor or regulator within the past review cycle"
    ],
    "machine_tests": [
     "Query ethics_evidence_package_manifest → assert all 7 EF-layer artifact entries are present with status=current and last_reviewed_date within 365 days",
     "Trigger simulated audit retrieval request against evidence store → assert full package assembled and returned within 24-hour SLA threshold",
     "Check version_control_history → assert at least one complete version bump with review_sign_off exists in the trailing 12 months"
    ],
    "human_review": [
     "Verify that the evidence package structure satisfies EU AI Act Art. 11 technical documentation completeness requirements and Art. 18 ten-year retention obligations",
     "Assess whether artifact owners and review responsibilities are explicitly assigned for each component of the package with documented succession",
     "Confirm that the package contents would be intelligible and sufficient for an external auditor unfamiliar with internal systems to assess ethics governance posture"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Storing ethics governance artifacts in ad-hoc shared drives without versioning, consistent naming conventions, or ownership metadata",
     "Treating the evidence package as a one-time compliance exercise rather than maintaining it as a living artifact set updated after each EF-layer control review",
     "Including artifacts from EF controls in the package without confirming those upstream controls are themselves current and have been reviewed within the required cycle",
     "Assigning evidence package assembly responsibility to a single team member without backup ownership or tested retrieval procedures",
     "Declaring conformance with EU AI Act Art. 11 documentation requirements without mapping EFEP artifacts to specific Annex IV technical documentation sections"
    ],
    "update_status": "current",
    "layer_code": "EF"
   },
   {
    "id": "FA-01",
    "layer": "FA",
    "plane": "control",
    "name": "Protected Characteristic Identification and Scope",
    "plain": "Every AI system must identify and document all protected characteristics relevant to its use context and jurisdictions of operation, establishing a scoped inventory that informs all downstream fairness controls.",
    "threat": {
     "tags": [
      "unrecognized-protected-class",
      "jurisdictional-gap",
      "proxy-discrimination",
      "scope-blindness"
     ],
     "desc": "AI systems deployed across jurisdictions operate under different protected characteristic definitions—race, sex, age, disability, religion, national origin, and locally recognized classes. Without an explicit scoping exercise, systems routinely omit characteristics protected under applicable law, creating undetected discriminatory exposure. Proxy variables such as zip code, name phonetics, and purchase history can encode protected characteristics even when those characteristics are excluded from training features, so scoping must address both direct and indirect use."
    },
    "standard": [
     {
      "id": "eu_charter",
      "section": "Art. 21",
      "title": "Non-discrimination — enumerated protected grounds"
     },
     {
      "id": "eu_ai_act",
      "section": "Art. 10(5)",
      "title": "Training, validation, and testing data — sensitive attribute handling"
     },
     {
      "id": "nist_rmf",
      "section": "MAP 1.5",
      "title": "Organizational risk tolerance and context mapping"
     },
     {
      "id": "iso_42001",
      "section": "6.1.2",
      "title": "AI risk identification and treatment planning"
     }
    ],
    "sources": [
     {
      "id": "ibm_ai_fairness_360_2021",
      "title": "IBM AI Fairness 360 (AIF360)",
      "authority": "IBM Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2018",
      "published_on": "2018-09-19",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://github.com/Trusted-AI/AIF360",
      "license": "open-source-apache2",
      "status": "current",
      "flagship": false,
      "source_id": "ibm_ai_fairness_360_2021",
      "relationship": "informative_reference",
      "rationale": "Establishes IBM AI Fairness 360 (AIF360) requirements informing the apeiris://ethics/controls/FA-01 Protected Characteristic Identification and Scope control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/FA-01 Protected Characteristic Identification and Scope control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/FA-01 Protected Characteristic Identification and Scope control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "eeoc_ai_hiring_2023",
      "title": "EEOC — Select Issues: Assessing Adverse Impact in Software, Algorithms, and Artificial Intelligence Used in Employment Selection Procedures Under Title VII",
      "authority": "Equal Employment Opportunity Commission (EEOC)",
      "source_type": "guidance",
      "normative_force": "supervisory-guidance",
      "version": "2023",
      "published_on": "2023-05-18",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.eeoc.gov/laws/guidance/questions-and-answers-clarifying-eeocs-role-addressing-employment-discrimination",
      "license": "public-domain",
      "status": "withdrawn",
      "flagship": false,
      "source_id": "eeoc_ai_hiring_2023",
      "relationship": "supporting_guidance",
      "rationale": "Establishes EEOC — Select Issues: Assessing Adverse Impact in Software, Algorithms, and Artificial Intelligence Used in Employment Selection Procedures Under Title VII requirements informing the apeiris://ethics/controls/FA-01 Protected Characteristic Identification and Scope control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "doj_ai_guidance_2023",
      "title": "DOJ — Algorithms, Artificial Intelligence, and Disability Discrimination in Hiring",
      "authority": "U.S. Department of Justice Civil Rights Division",
      "source_type": "guidance",
      "normative_force": "supervisory-guidance",
      "version": "2022",
      "published_on": "2022-05-12",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.ada.gov/resources/ai-guidance/",
      "license": "public-domain",
      "status": "current",
      "flagship": false,
      "source_id": "doj_ai_guidance_2023",
      "relationship": "supporting_guidance",
      "rationale": "Establishes DOJ — Algorithms, Artificial Intelligence, and Disability Discrimination in Hiring requirements informing the apeiris://ethics/controls/FA-01 Protected Characteristic Identification and Scope control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Conduct a jurisdictional mapping exercise at intake for each AI system, enumerating all applicable protected characteristics under federal, state, and local law for every deployment region. Document results in a Protected Characteristic Register that is versioned and reviewed whenever deployment scope changes.",
     "steps": [
      "Identify all jurisdictions in which the AI system will make or inform decisions affecting individuals.",
      "For each jurisdiction, enumerate protected characteristics under applicable law (e.g., Title VII, ADA, ADEA, EU equality directives, NYC Human Rights Law).",
      "Extend the inventory to include proxy variables that may encode protected characteristics—validate with legal counsel and a data scientist.",
      "Record the scoped inventory in the Protected Characteristic Register and gate model deployment on register completion.",
      "Review and update the register on any expansion of deployment geography or use-case scope."
     ],
     "ethics_officer": {
      "summary": "The Protected Characteristic Register is the foundational document for all FA-layer controls. Ensure it is complete before any fairness testing begins.",
      "actions": [
       "Convene a scoping workshop with legal, data science, and business stakeholders at AI system intake.",
       "Approve the final register and document the rationale for any characteristics deemed not applicable.",
       "Trigger a re-scoping review whenever the system's deployment geography or decision context changes."
      ],
      "failure_signals": [
       "Register missing one or more jurisdictions where the system is deployed.",
       "Protected characteristic inventory not updated after product expansion."
      ]
     },
     "legal_counsel": {
      "summary": "Legal must validate that the register reflects all applicable anti-discrimination statutes and local ordinances across every deployment jurisdiction.",
      "actions": [
       "Review proposed deployment jurisdictions and map applicable anti-discrimination law to the register.",
       "Flag proxy variables identified by data science that could constitute unlawful discrimination.",
       "Confirm register completeness before legal sign-off on system launch."
      ],
      "failure_signals": [
       "Register lacks coverage of a jurisdiction added after initial scoping.",
       "Proxy variable risk not documented alongside direct characteristic entries."
      ]
     },
     "data_scientist": {
      "summary": "Perform a proxy variable audit to identify features in training data that may serve as proxies for protected characteristics, and document findings in the register.",
      "actions": [
       "Run correlation analysis between candidate model features and each protected characteristic in the register.",
       "Document features with correlation coefficient above threshold as proxy-risk variables.",
       "Provide proxy risk findings to legal counsel for legal determination."
      ],
      "failure_signals": [
       "Proxy analysis not completed before model training begins.",
       "High-correlation features retained without documented legal and ethics review."
      ]
     },
     "grc_auditor": {
      "summary": "Audit completeness of the Protected Characteristic Register and verify it is kept current across system lifecycle events.",
      "actions": [
       "Request the register at each audit cycle and compare against current deployment geography.",
       "Verify that re-scoping reviews were triggered and completed for all expansion events.",
       "Sample register entries and confirm legal counsel sign-off is documented."
      ],
      "metrics": [
       "Register coverage rate: 100% of deployment jurisdictions documented.",
       "Time-to-update after deployment expansion: target 30 days or fewer."
      ],
      "failure_signals": [
       "Register not updated within 30 days of a deployment expansion event.",
       "Missing legal sign-off on one or more register versions."
      ]
     },
     "business_stakeholder": {
      "summary": "Business stakeholders must notify the ethics and legal teams of any planned expansion of the AI system's deployment scope so that the register can be updated before launch.",
      "actions": [
       "Include protected characteristic re-scoping as a mandatory gate in the product launch checklist.",
       "Escalate unexpected deployment geography additions to the ethics officer before proceeding."
      ],
      "failure_signals": [
       "Product expansion launched without triggering a register review.",
       "Business teams unaware of register update requirements."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Most enterprises lack a formal multi-jurisdictional protected characteristic inventory; scoping is typically ad hoc or limited to federal Title VII categories."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "multi-tenant"
    ],
    "implementers": [
     "Ethics Team",
     "Legal Counsel",
     "Data Science",
     "Product Management"
    ],
    "frameworks": [
     {
      "framework": "eu_charter",
      "requirement_id": "Art. 21",
      "fit": "direct",
      "rationale": "Article 21 of the EU Charter of Fundamental Rights prohibits discrimination on grounds including sex, race, colour, ethnic or social origin, genetic features, language, religion or belief, and others. A complete protected characteristic register is the prerequisite for demonstrating that these non-discrimination rights are operationalized in AI system design.",
      "normative_force": "binding-law",
      "source_version": "2012/C 326/02",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 10(5)",
      "fit": "direct",
      "rationale": "Article 10(5) of the EU AI Act requires that providers of high-risk AI systems process special categories of personal data only to the extent strictly necessary for bias monitoring and correction. Identifying which characteristics constitute special categories within each jurisdiction is a prerequisite for compliant data handling.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "MAP 1.5",
      "fit": "direct",
      "rationale": "NIST AI RMF MAP 1.5 calls for organizational risk tolerance to be defined with reference to affected populations and context. Identifying protected characteristics is the mechanism by which fairness-relevant populations are enumerated and made actionable within the risk mapping process.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§6.1.2",
      "fit": "direct",
      "rationale": "ISO/IEC 42001 §6.1.2 requires organizations to identify AI risks, including risks of harmful outcomes to individuals. Enumerating protected characteristics provides the scope boundary for fairness risk identification required under this clause.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.2",
      "fit": "partial",
      "rationale": "The OECD AI Principles 2024 Principle 1.2 on human-centred values requires AI actors to respect the rule of law, human rights, and non-discrimination. Identifying protected characteristics is the first operational step toward demonstrating compliance with this principle.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-06-29",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "ibm_ai_fairness",
      "requirement_id": "Protected attribute specification (privileged/unprivileged groups)",
      "fit": "direct",
      "rationale": "Every AIF360 metric and mitigation algorithm is parameterized by explicitly specified protected attributes and privileged/unprivileged groups. FA-01's protected characteristic register supplies exactly this specification — without it, no downstream AIF360 bias measurement or mitigation run is well-defined.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goal F1 (Quality of service — identify affected demographic groups)",
      "fit": "direct",
      "rationale": "Microsoft RAI Standard Goal F1 requires identifying affected groups and characterizing potential fairness harms before deployment. FA-01 operationalizes this requirement by formally cataloguing the protected characteristics and demographic groups in scope, providing the baseline for all subsequent fairness impact assessment activities.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — mitigating unintended or harmful outcomes and avoiding unfair bias",
      "fit": "direct",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to employing safeguards that mitigate unintended or harmful outcomes and avoid unfair bias. FA-01 satisfies the prerequisite of that commitment by explicitly defining which protected characteristics are in scope, enabling the bias evaluation and mitigation the pillar requires.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "eeoc_ai",
      "requirement_id": "Adverse impact assessment under Title VII (Q&A technical assistance; no numbered sections)",
      "fit": "direct",
      "rationale": "The EEOC's May 2023 technical assistance, 'Select Issues: Assessing Adverse Impact in Software, Algorithms, and Artificial Intelligence Used in Employment Selection Procedures Under Title VII,' is a Q&A document without numbered sections that applies Title VII adverse impact analysis — including the four-fifths rule of thumb — to algorithmic selection procedures. FA-01's protected characteristic identification is the prerequisite scope-setting for that analysis. The document was removed from eeoc.gov in January 2025 following the executive-order rollback and is cited here as withdrawn guidance with archived copies available.",
      "normative_force": "supervisory-guidance",
      "source_version": "2023",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "doj_ai",
      "requirement_id": "ADA application to algorithmic hiring tools ('screen out' discrimination)",
      "fit": "partial",
      "rationale": "DOJ's May 2022 guidance 'Algorithms, Artificial Intelligence, and Disability Discrimination in Hiring' (ada.gov) explains how the Americans with Disabilities Act applies to algorithmic hiring tools, including employer liability when tools 'screen out' qualified individuals with disabilities. FA-01's protected characteristic scope must therefore include disability and the accommodation-sensitive contexts the guidance describes.",
      "normative_force": "supervisory-guidance",
      "source_version": "2022",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/FA-01",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "Every AI system must have a documented protected characteristic register that enumerates all characteristics protected under each applicable jurisdiction's law, including identified proxy variables that may encode those characteristics, updated whenever jurisdictional scope or system use case changes.",
    "evidence_required": [
     "protected_characteristic_register listing each characteristic with jurisdiction_applicability, regulatory_basis (statute or directive citation), and proxy_variable_mapping",
     "jurisdictional_scope_analysis document identifying all operating jurisdictions and the applicable non-discrimination statutes for each",
     "proxy_variable_review_record showing assessment of training features for potential encoding of protected characteristics",
     "legal_or_compliance_sign_off_record confirming register completeness for current jurisdictional scope and use context"
    ],
    "machine_tests": [
     "Parse protected_characteristic_register → assert each entry contains jurisdiction_applicability, regulatory_basis, and proxy_mapping fields and no protected characteristic is listed without a regulatory citation",
     "Cross-reference register against FA-02 ABIA assessment scope → assert every characteristic in the register is present in the ABIA scope with no omissions",
     "Query register last_updated_date → assert date is within 180 days, or within 30 days of the most recent jurisdictional scope change event recorded in the system log"
    ],
    "human_review": [
     "Verify that the register covers all jurisdictions where the AI system operates, including any recent geographic expansion or new deployment context",
     "Assess whether proxy variable mappings are complete and reflect current understanding of feature-characteristic correlation risks for this system's specific feature set",
     "Confirm that legal or compliance sign-off is current and reflects any changes to applicable non-discrimination law since the last register review"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Relying on a single jurisdiction's protected characteristic list (e.g., GDPR special categories) without verifying completeness against all operating geographies' non-discrimination statutes",
     "Omitting proxy variable analysis and treating protected characteristic scope as limited to directly observed demographic attributes in the training data",
     "Using a static characteristic list established at initial deployment without updating when jurisdictional scope expands, use case changes, or applicable law is amended",
     "Excluding locally recognized protected classes not present in European frameworks (e.g., veteran status under VEVRAA, ancestry or gender identity under EEOC guidance)",
     "Conflating the protected characteristic register with a GDPR special category data inventory, missing characteristics that are legally protected under non-discrimination law but not GDPR-sensitive"
    ],
    "update_status": "current",
    "layer_code": "FA"
   },
   {
    "id": "FA-02",
    "layer": "FA",
    "plane": "both",
    "name": "Algorithmic Bias Impact Assessment",
    "plain": "AI systems must undergo a systematic algorithmic bias impact assessment that evaluates potential for biased outcomes across all protected groups identified in FA-01, covering both direct discrimination and disparate impact pathways.",
    "threat": {
     "tags": [
      "disparate-outcome",
      "proxy-discrimination",
      "undetected-bias",
      "feedback-loop-amplification"
     ],
     "desc": "AI systems trained on historical data inherit and amplify historical patterns of discrimination. Bias can enter through training data composition, label quality disparities, feature selection, model architecture choices, or objective function design. Without a structured impact assessment prior to deployment, systems propagate harmful outcomes at scale before they are detected. Feedback loops where biased outputs influence future training data compound the harm over time and are particularly difficult to detect post-deployment."
    },
    "standard": [
     {
      "id": "eu_ai_act",
      "section": "Art. 9(2)(b)",
      "title": "Risk management — bias testing in high-risk AI systems"
     },
     {
      "id": "nist_rmf",
      "section": "MAP 2.2",
      "title": "Scientific and empirical information on AI risk"
     },
     {
      "id": "ieee_7000",
      "section": "Clause 10",
      "title": "Ethical risk-based design — stakeholder and vulnerable-group risk"
     },
     {
      "id": "ibm_ai_fairness",
      "section": "Dataset and classifier fairness metrics",
      "title": "AIF360 pre-deployment bias measurement (dataset and classifier metrics)"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/FA-02 Algorithmic Bias Impact Assessment control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "ibm_ai_fairness_360_2021",
      "title": "IBM AI Fairness 360 (AIF360)",
      "authority": "IBM Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2018",
      "published_on": "2018-09-19",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://github.com/Trusted-AI/AIF360",
      "license": "open-source-apache2",
      "status": "current",
      "flagship": false,
      "source_id": "ibm_ai_fairness_360_2021",
      "relationship": "informative_reference",
      "rationale": "Establishes IBM AI Fairness 360 (AIF360) requirements informing the apeiris://ethics/controls/FA-02 Algorithmic Bias Impact Assessment control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "ftc_ai_bias_2022",
      "title": "FTC — Aiming for Truth, Fairness, and Equity in Your Company's Use of AI",
      "authority": "Federal Trade Commission (FTC)",
      "source_type": "guidance",
      "normative_force": "supervisory-guidance",
      "version": "2021",
      "published_on": "2021-04-19",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.ftc.gov/business-guidance/blog/2021/04/aiming-truth-fairness-equity-your-companys-use-ai",
      "license": "public-domain",
      "status": "current",
      "flagship": false,
      "source_id": "ftc_ai_bias_2022",
      "relationship": "supporting_guidance",
      "rationale": "Establishes FTC — Aiming for Truth, Fairness, and Equity in Your Company's Use of AI requirements informing the apeiris://ethics/controls/FA-02 Algorithmic Bias Impact Assessment control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "plot4ai",
      "title": "PLOT4ai — Practical Library Of Threats 4 AI",
      "authority": "PLOT4ai",
      "source_type": "community",
      "normative_force": "best-practice",
      "version": "1.0",
      "published_on": "2022-01-01",
      "retrieved_on": "2026-07-08",
      "canonical_url": "https://plot4.ai/library",
      "relationship": "supporting_guidance",
      "note": "PLOT4ai Bias, Fairness & Discrimination threat category informs algorithmic-bias impact assessment."
     }
    ],
    "implementation": {
     "pattern": "Execute a structured Algorithmic Bias Impact Assessment (ABIA) at the pre-deployment stage and on a defined recurring cadence post-deployment. The ABIA evaluates each decision pathway in the model against the protected characteristic register, tests for both direct discrimination and disparate impact, documents findings, and produces a risk-rated report.",
     "steps": [
      "Define assessment scope using the Protected Characteristic Register from FA-01 and enumerate all decision outputs subject to bias analysis.",
      "For each protected characteristic, test training data composition for representation gaps and label quality disparities across groups.",
      "Evaluate model outputs for disparate rates of favorable and unfavorable decisions across protected groups using appropriate statistical tests.",
      "Document identified bias pathways, their estimated magnitude, affected population size, and risk severity rating.",
      "Review ABIA findings with ethics officer and legal counsel; record accepted residual risks with business justification."
     ],
     "ethics_officer": {
      "summary": "The ABIA is the primary pre-deployment gate for fairness risk. Ensure the assessment scope covers all decision outputs and that findings are reviewed before deployment approval.",
      "actions": [
       "Review ABIA methodology to confirm it covers all protected characteristics in scope.",
       "Convene a cross-functional review of ABIA findings before issuing deployment approval.",
       "Require re-assessment when model retraining or significant data distribution changes occur."
      ],
      "failure_signals": [
       "ABIA not completed before model deployment to production.",
       "ABIA scope does not match the Protected Characteristic Register."
      ]
     },
     "legal_counsel": {
      "summary": "Review ABIA findings for legal exposure under anti-discrimination law, particularly disparate impact pathways that may constitute unlawful discrimination even absent discriminatory intent.",
      "actions": [
       "Analyze ABIA findings for disparate impact patterns that exceed legally significant thresholds such as the four-fifths rule.",
       "Document legal risk assessment and recommended mitigations for high-severity findings.",
       "Confirm residual risk acceptance is documented and signed off at appropriate authority level."
      ],
      "failure_signals": [
       "Legally significant disparate impact findings not escalated to legal before deployment.",
       "Residual risk accepted without documented legal sign-off."
      ]
     },
     "data_scientist": {
      "summary": "Execute the technical components of the ABIA including data composition analysis, feature correlation analysis, and statistical testing of model outputs across protected groups.",
      "actions": [
       "Conduct representation analysis on training, validation, and test datasets by protected group.",
       "Run statistical output parity tests (selection rate, precision, recall) across protected groups.",
       "Document methodology, test statistics, and findings in the ABIA technical appendix."
      ],
      "failure_signals": [
       "Assessment uses only aggregate performance metrics without disaggregation by protected group.",
       "Statistical tests not adjusted for multiple comparisons across protected characteristics."
      ]
     },
     "grc_auditor": {
      "summary": "Verify ABIA process completeness, documentation quality, and that findings are appropriately escalated and remediated.",
      "actions": [
       "Review ABIA report completeness against assessment template requirements.",
       "Confirm that high-severity findings triggered remediation actions per FA-07.",
       "Track ABIA re-assessment cadence compliance."
      ],
      "metrics": [
       "ABIA completion rate before deployment: target 100% of high-risk AI systems.",
       "Time from ABIA finding to remediation initiation: target 15 business days or fewer for high-severity findings."
      ],
      "failure_signals": [
       "ABIA not completed on schedule for post-deployment re-assessment.",
       "High-severity findings without documented remediation plan."
      ]
     },
     "business_stakeholder": {
      "summary": "Business sponsors must understand ABIA findings relevant to their use case and formally accept or reject identified residual risks before system launch.",
      "actions": [
       "Review ABIA executive summary and risk-rated findings with the ethics officer.",
       "Formally accept residual risks within business authority or escalate to the appropriate level."
      ],
      "failure_signals": [
       "Business sponsor unable to articulate key bias risks associated with the deployed system.",
       "Risk acceptance decisions made without reviewing ABIA findings."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "managed",
     "notes": "Structured pre-deployment bias impact assessments are rare outside regulated sectors; most organizations rely on aggregate accuracy metrics without protected group disaggregation."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise",
     "multi-tenant"
    ],
    "implementers": [
     "Data Science",
     "Ethics Team",
     "Legal Counsel",
     "Risk Management"
    ],
    "frameworks": [
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 9(2)(b)",
      "fit": "direct",
      "rationale": "Article 9(2)(b) of the EU AI Act requires that risk management for high-risk AI systems include testing procedures to identify and address foreseeable risks, explicitly including bias. A pre-deployment ABIA is the primary mechanism for satisfying this requirement.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "MAP 2.2",
      "fit": "direct",
      "rationale": "NIST AI RMF MAP 2.2 requires gathering scientific and empirical information about AI risks including bias and fairness risks across affected populations. The ABIA operationalizes this requirement by providing a structured empirical evaluation methodology.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "Clause 10 (Ethical risk-based design)",
      "fit": "direct",
      "rationale": "IEEE 7000-2021 clause 10 defines the ethical risk-based design process, in which risks of value violations for stakeholders — including vulnerable groups — are identified and treated in system design. The ABIA extends this ethical risk assessment to the protected characteristic dimension required for AI fairness.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "ibm_ai_fairness",
      "requirement_id": "Dataset and classifier fairness metrics",
      "fit": "direct",
      "rationale": "AIF360 implements pre-deployment bias measurement at both dataset level (e.g., disparate impact and statistical parity difference on training data) and classifier level (e.g., equalized odds difference on predictions). An ABIA under FA-02 can use these validated open-source implementations as its empirical testing toolkit.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goal A1 (Impact assessment); Goals F1–F3 (Fairness)",
      "fit": "partial",
      "rationale": "The Microsoft Responsible AI Standard v2 requires an Impact Assessment (Goal A1), and its Fairness Goals F1–F3 require fairness evaluation, before deployment. The ABIA fulfills the technical fairness evaluation component of this broader impact assessment requirement.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "ftc_ai",
      "requirement_id": "FTC Act §5 (unfair or deceptive practices) — 2021 blog guidance (no numbered sections)",
      "fit": "direct",
      "rationale": "The FTC's April 2021 business guidance 'Aiming for Truth, Fairness, and Equity in Your Company's Use of AI' — a blog post without numbered sections — warns that selling or using racially biased algorithms can constitute an unfair or deceptive practice under Section 5 of the FTC Act. FA-02's documented pre-deployment bias testing is the evidentiary basis for meeting the FTC's reasonableness expectations.",
      "normative_force": "supervisory-guidance",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "owasp_ai_exchange",
      "requirement_id": "unwantedbiastesting",
      "fit": "supporting",
      "rationale": "FA-02's Algorithmic Bias Impact Assessment covers training-data and prediction disparities across protected characteristics, supporting the bias-testing the AI Exchange control requires.",
      "normative_force": "industry-framework",
      "source_version": "continuously-updated",
      "reviewed_on": "2026-07-08",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "mitre",
      "requirement_id": "AML.M0008",
      "fit": "supporting",
      "direction": "control-supports-requirement",
      "rationale": "Control \"Every AI system subject to fairness evaluation must have a completed Algorithmic Bias…\" enacts ATLAS mitigation AML.M0008 Validate AI Model; OpenCRE crosswalks this control’s OWASP AI Exchange concept (unwantedbiastesting) to this mitigation.",
      "source_version": "v2026.06",
      "reviewed_on": "2026-07-08",
      "source_status": "authoritative",
      "mapping_confidence": "medium",
      "legal_status": "not-applicable",
      "control_readiness": "approved",
      "implementation_maturity": "developing",
      "assurance_result": "not-assessed",
      "evidence_status": "no-evidence",
      "normative_force": "industry-framework",
      "basis": "asserted",
      "relation": "equivalent_to",
      "correction": "ap38-opencre-enhancement 2026-07-08"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/FA-02",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "Every AI system subject to fairness evaluation must have a completed Algorithmic Bias Impact Assessment (ABIA) covering all protected characteristics in the FA-01 register, addressing both training data composition bias and model prediction disparities, completed before initial deployment and re-run after any material model or data change.",
    "evidence_required": [
     "algorithmic_bias_impact_assessment_report with per-characteristic findings, methodology description, direct discrimination and disparate impact pathways assessed, and risk rating for each finding",
     "training_data_composition_report showing demographic representation across protected groups relative to the reference deployment population",
     "model_prediction_disaggregation_report showing predicted outcome rates by protected characteristic with confidence intervals and statistical significance testing",
     "feedback_loop_risk_analysis documenting whether biased model outputs could influence future training data collection or labeling",
     "abia_reviewer_sign_off_record with reviewer credentials and date confirming independence from the model development team"
    ],
    "machine_tests": [
     "Run AIF360 or equivalent bias detection scan on training dataset → assert disparate impact ratios per protected characteristic are within defined thresholds (e.g., ≤0.20 absolute difference in positive outcome rates)",
     "Execute model prediction disaggregation test on held-out test set → assert no protected characteristic group shows adverse impact ratio below 0.80 (four-fifths rule)",
     "Verify ABIA report metadata → assert all FA-01 protected characteristics appear in the assessment scope and that no characteristic is listed as out-of-scope without documented justification"
    ],
    "human_review": [
     "Review ABIA methodology for coverage of indirect (proxy) discrimination pathways in addition to direct protected characteristic features",
     "Assess whether the feedback loop risk analysis adequately accounts for the specific deployment context where model outputs may influence data available for future retraining",
     "Verify that the ABIA report addresses intersectional subgroups defined by combinations of protected characteristics, not only single-characteristic analysis"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Using aggregate model accuracy metrics as a proxy for fairness without disaggregating performance by each protected characteristic in the FA-01 register",
     "Conducting bias assessment on synthetic or sanitized test data that does not represent the demographic distribution of the actual deployment population",
     "Performing the ABIA only once at initial deployment without re-running it after model updates, data distribution shifts, or changes in deployment context",
     "Addressing bias only at the model prediction layer while omitting bias introduced by training data composition, label quality disparities across groups, and feature selection decisions",
     "Conflating absence of protected characteristics as explicit input features with absence of bias risk, ignoring proxy variable pathways identified in FA-01"
    ],
    "update_status": "current",
    "layer_code": "FA"
   },
   {
    "id": "FA-03",
    "layer": "FA",
    "plane": "data",
    "name": "Fairness Metric Selection and Justification",
    "plain": "For each AI system subject to fairness evaluation, the organization must select appropriate fairness metrics for the specific use case, document the trade-offs between competing metric definitions, and justify the chosen metrics with reference to affected populations and applicable legal standards.",
    "threat": {
     "tags": [
      "metric-gaming",
      "fairness-metric-mismatch",
      "incompatibility-blindness",
      "false-compliance"
     ],
     "desc": "Mathematical fairness metrics are mutually incompatible in all but trivial cases: a system cannot simultaneously satisfy demographic parity, equalized odds, and predictive rate parity when base rates differ across groups. Organizations that select metrics without understanding these trade-offs either inadvertently accept hidden unfairness or claim compliance with one metric while violating others that are more appropriate to the use case. Unscrupulous actors may also cherry-pick metrics that their system satisfies while ignoring metrics that reveal discrimination."
    },
    "standard": [
     {
      "id": "nist_rmf",
      "section": "MEASURE 2.11",
      "title": "Fairness and bias evaluated with results demonstrated"
     },
     {
      "id": "ibm_ai_fairness",
      "section": "Fairness metric taxonomy",
      "title": "AIF360 fairness metric taxonomy and incompatibility properties (~70 metrics)"
     },
     {
      "id": "ieee_7000",
      "section": "§7.3",
      "title": "Value elicitation and operationalization"
     },
     {
      "id": "acm_ethics",
      "section": "§1.4",
      "title": "Fair and equitable treatment in system design"
     }
    ],
    "sources": [
     {
      "id": "ibm_ai_fairness_360_2021",
      "title": "IBM AI Fairness 360 (AIF360)",
      "authority": "IBM Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2018",
      "published_on": "2018-09-19",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://github.com/Trusted-AI/AIF360",
      "license": "open-source-apache2",
      "status": "current",
      "flagship": false,
      "source_id": "ibm_ai_fairness_360_2021",
      "relationship": "informative_reference",
      "rationale": "Establishes IBM AI Fairness 360 (AIF360) requirements informing the apeiris://ethics/controls/FA-03 Fairness Metric Selection and Justification control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "nyc_ll144_2021",
      "title": "NYC Local Law 144 — Automated Employment Decision Tools",
      "authority": "New York City Council",
      "source_type": "regulation",
      "normative_force": "binding-law",
      "version": "2021",
      "published_on": "2021-12-11",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://legistar.council.nyc.gov/LegislationDetail.aspx?ID=4344524",
      "license": "public-domain",
      "status": "current",
      "flagship": false,
      "source_id": "nyc_ll144_2021",
      "relationship": "normative_requirement",
      "rationale": "Establishes NYC Local Law 144 — Automated Employment Decision Tools requirements informing the apeiris://ethics/controls/FA-03 Fairness Metric Selection and Justification control.",
      "reviewed_on": "2026-07-01"
     }
    ],
    "implementation": {
     "pattern": "Conduct a Fairness Metric Selection Workshop for each AI system as part of the pre-deployment fairness review. The workshop produces a Fairness Metric Justification Document that records selected metrics, rejected metrics with reasons, known incompatibilities, and how the selection reflects the interests of affected populations.",
     "steps": [
      "Enumerate candidate fairness metrics relevant to the decision context including demographic parity, equalized odds, calibration, individual fairness, and counterfactual fairness.",
      "Analyze which metrics are mathematically compatible given the distribution of outcomes across groups and the base rate structure of the problem.",
      "Consult with representatives of affected populations or their advocates to understand which fairness conception aligns with their interests.",
      "Document the chosen primary and secondary metrics, the rationale for prioritizing them, and the accepted trade-offs against rejected metrics.",
      "Record the Fairness Metric Justification Document in the system's ethics dossier and reference it in all subsequent bias testing."
     ],
     "ethics_officer": {
      "summary": "Fairness metric selection is a value judgment, not purely a technical decision. Ensure affected population perspectives inform the selection and that incompatibility trade-offs are explicitly acknowledged.",
      "actions": [
       "Facilitate the Fairness Metric Selection Workshop with data science and legal counsel.",
       "Ensure consultation with affected population representatives is documented.",
       "Approve the Fairness Metric Justification Document before fairness testing begins."
      ],
      "failure_signals": [
       "Metrics selected solely by data science without ethics or legal input.",
       "Justification document does not address known incompatibilities between selected and rejected metrics."
      ]
     },
     "legal_counsel": {
      "summary": "Review metric selection to ensure chosen metrics align with the legal standard applicable in the deployment jurisdiction, since disparate impact law typically uses demographic parity or the four-fifths rule while equal treatment claims may focus on individual fairness.",
      "actions": [
       "Map selected metrics to the applicable legal non-discrimination standard for the use case.",
       "Flag metric choices that may satisfy a technical fairness criterion while remaining legally vulnerable.",
       "Document legal guidance on metric selection in the Fairness Metric Justification Document."
      ],
      "failure_signals": [
       "Selected metrics incompatible with legal disparate impact standard in deployment jurisdiction.",
       "No legal review of metric selection for employment or housing decision systems."
      ]
     },
     "data_scientist": {
      "summary": "Provide technical analysis of metric compatibility, compute actual metric values on hold-out test data, and document the empirical basis for metric selection.",
      "actions": [
       "Compute all candidate metrics on disaggregated test data and present results to the workshop.",
       "Demonstrate mathematically why certain metric combinations are incompatible given observed base rate differences.",
       "Implement the selected metrics in the automated fairness evaluation pipeline."
      ],
      "failure_signals": [
       "Metric selection not informed by empirical computation on actual test data.",
       "Automated evaluation pipeline implements different metrics than those in the justification document."
      ]
     },
     "grc_auditor": {
      "summary": "Verify that a Fairness Metric Justification Document exists for each high-risk AI system and that it addresses incompatibility trade-offs and affected population consultation.",
      "actions": [
       "Request the Fairness Metric Justification Document for each system under audit.",
       "Verify the document addresses metric incompatibility, legal alignment, and population consultation.",
       "Confirm metrics in the document match those used in actual bias testing reports."
      ],
      "metrics": [
       "Fairness Metric Justification Document coverage: 100% of high-risk AI systems.",
       "Document review cycle: at minimum annually or upon significant model change."
      ],
      "failure_signals": [
       "Justification document missing or predates the most recent model version.",
       "Metrics in justification document inconsistent with metrics in bias test reports."
      ]
     },
     "business_stakeholder": {
      "summary": "Business stakeholders must understand which fairness metrics apply to their AI system and how the chosen metrics reflect the interests of customers or employees the system affects.",
      "actions": [
       "Review plain-language summary of chosen fairness metrics and accepted trade-offs.",
       "Confirm the selected metrics align with the company's stated fairness commitments and customer expectations."
      ],
      "failure_signals": [
       "Business sponsor cannot articulate which fairness metrics apply to their system.",
       "Metric selection made without business awareness of the use-case implications."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Most organizations either apply a single default metric or apply no explicit metrics; formal justification documents addressing incompatibility trade-offs are uncommon."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise"
    ],
    "implementers": [
     "Data Science",
     "Ethics Team",
     "Legal Counsel",
     "Product Management"
    ],
    "frameworks": [
     {
      "framework": "nist_rmf",
      "requirement_id": "MEASURE 2.11",
      "fit": "direct",
      "rationale": "NIST AI RMF MEASURE 2.11 requires that fairness and bias are evaluated, with results demonstrated and measurement approaches documented and justified with reference to context, stakeholders, and applicable standards. The Fairness Metric Justification Document is the primary artifact satisfying this measurement documentation requirement.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "ibm_ai_fairness",
      "requirement_id": "Fairness metric taxonomy (~70 metrics)",
      "fit": "direct",
      "rationale": "AIF360 catalogues roughly 70 fairness metrics and documents that several core definitions (demographic parity, equalized odds, calibration) are mutually incompatible except in degenerate cases. FA-03's Fairness Metric Justification Document draws on this taxonomy and its documented incompatibility properties when justifying metric selection.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "§7.3",
      "fit": "direct",
      "rationale": "IEEE 7000-2021 §7.3 requires value operationalization—translating ethical values into measurable criteria. Fairness metric selection is the primary operationalization step for the non-discrimination value, and this control fulfills the IEEE 7000 requirement to document that operationalization.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "acm_ethics",
      "requirement_id": "§1.4",
      "fit": "partial",
      "rationale": "ACM Code of Ethics §1.4 requires computing professionals to take action to avoid discrimination, which includes selecting evaluation metrics that actually detect the forms of discrimination relevant to the deployment context. This control operationalizes that professional obligation.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-06-29",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Annex IV §2(g)",
      "fit": "partial",
      "rationale": "EU AI Act Annex IV §2(g) requires technical documentation to describe the metrics used to measure performance, including fairness performance. The Fairness Metric Justification Document satisfies the documentation of fairness measurement methodology required in the technical documentation.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "nyc_ll144",
      "requirement_id": "§20-871 (Bias audit requirements)",
      "fit": "direct",
      "rationale": "NYC Local Law 144 requires annual independent bias audits of Automated Employment Decision Tools used to screen NYC candidates; FA-03 bias audit program is the direct implementation vehicle.",
      "normative_force": "binding-law",
      "source_version": "2021",
      "reviewed_on": "2026-06-29",
      "basis": "asserted",
      "relation": "satisfies"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/FA-03",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "For each AI system subject to fairness evaluation, a documented Fairness Metric Justification Document must specify the selected metrics with rationale, demonstrate awareness of mathematical incompatibilities between candidate metrics in the context of this system's base rates, and document why chosen metrics are appropriate for affected populations and applicable legal standards.",
    "evidence_required": [
     "fairness_metric_justification_document identifying each selected metric (e.g., demographic_parity, equalized_odds, predictive_rate_parity) with rationale for selection and explicit acknowledgment of trade-offs against rejected alternative metrics",
     "metric_incompatibility_analysis demonstrating awareness of which metrics cannot simultaneously be satisfied for this system given base-rate differences across protected groups",
     "legal_alignment_record mapping selected metrics to requirements in applicable law (e.g., four-fifths rule for EEOC and LL144, equal error rates for credit contexts)",
     "affected_population_consultation_record documenting input from representatives of affected groups on metric priorities and harm weightings"
    ],
    "machine_tests": [
     "Parse fairness_metric_justification_document → assert at least one primary and one alternative metric are documented and that an incompatibility analysis section is present and non-empty",
     "Check metric selection against applicable regulatory context flags → assert four-fifths rule compliance test is mandated for any system flagged as subject to employment or credit adverse action law",
     "Verify legal_alignment_record exists and is linked to the justification document → assert at least one mapping to an applicable regulation or standard is present"
    ],
    "human_review": [
     "Assess whether the chosen metrics are appropriate for the decision type (binary classifier, ranking, regression) and harm typology (opportunity denial, accuracy disparity, representation harm)",
     "Verify that the incompatibility analysis is substantive — confirm the document does not assert metric compatibility without addressing the impossibility theorems that apply when base rates differ across groups",
     "Confirm that affected population consultation was meaningful and documented, and that it influenced metric prioritization rather than serving as procedural box-checking"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Selecting demographic parity as the sole fairness metric without assessing whether equal base rates exist across groups, ignoring cases where parity conflicts with equalized odds",
     "Cherry-picking the metric that the existing system already satisfies rather than selecting metrics based on the decision context and harm typology",
     "Treating fairness metric selection as a technical decision made unilaterally by model developers without legal, policy, or affected population input",
     "Documenting metric selection without an incompatibility analysis, creating a compliance artifact that cannot withstand adversarial scrutiny from a regulator or auditor",
     "Using custom or proprietary metric definitions that cannot be independently verified or replicated by external auditors reviewing the bias test results"
    ],
    "update_status": "current",
    "layer_code": "FA"
   },
   {
    "id": "FA-04",
    "layer": "FA",
    "plane": "lifecycle",
    "name": "Independent Bias Testing Methodology",
    "plain": "Bias testing for AI systems subject to fairness requirements must be conducted using documented, independent testing methodologies that prevent self-serving assessment, with audit protocols aligned to NYC Local Law 144 and equivalent international standards.",
    "threat": {
     "tags": [
      "self-serving-audit",
      "audit-independence-failure",
      "methodology-opacity",
      "bias-masking"
     ],
     "desc": "Bias testing conducted solely by the teams that built and deployed an AI system is structurally compromised: internal testers face conflicts of interest, may unconsciously design tests that favor favorable results, and lack the external credibility required by regulators and affected communities. NYC Local Law 144 and emerging international equivalents specifically require independent auditing to address this structural conflict. Methodological opacity where audit protocols are not documented makes it impossible to assess whether testing was rigorous and prevents meaningful third-party review."
    },
    "standard": [
     {
      "id": "eu_ai_act",
      "section": "Art. 9(6)",
      "title": "Testing against preliminary identified risk management measures"
     },
     {
      "id": "nist_rmf",
      "section": "MEASURE 2.11",
      "title": "Fairness assessment through external verification"
     },
     {
      "id": "iso_42001",
      "section": "9.1",
      "title": "Monitoring, measurement, analysis and evaluation"
     },
     {
      "id": "acm_ethics",
      "section": "§2.5",
      "title": "Integrity of professional work and independence"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/FA-04 Independent Bias Testing Methodology control.",
      "reviewed_on": "2026-07-01"
     }
    ],
    "implementation": {
     "pattern": "Establish a documented Independent Bias Testing Protocol that specifies methodology, independence requirements, audit scope, data access controls, and reporting standards. For systems subject to NYC LL144 or equivalent regulations, engage an independent auditor satisfying applicable independence definitions. Document all protocols in the system's ethics dossier.",
     "steps": [
      "Define independence criteria for bias testing: internal independence (separate team, no reporting line to system owner) or external independence (third-party auditor) based on risk level.",
      "Document the bias testing protocol: data sample selection method, statistical tests to be applied, protected characteristics in scope, and reporting template.",
      "For NYC LL144-scoped systems, engage an independent auditor and confirm they meet the definition of independent auditor under the law.",
      "Execute bias testing according to the documented protocol; retain all intermediate data, test statistics, and analyst notes as audit evidence.",
      "Publish bias audit summary results in accordance with applicable disclosure requirements."
     ],
     "ethics_officer": {
      "summary": "Independent bias testing is the operational backbone of the fairness assurance program. Ensure independence criteria are appropriate to the risk level of each system and that protocol documentation is maintained.",
      "actions": [
       "Approve independence criteria for each AI system classification.",
       "Review testing protocols before each audit cycle to confirm they remain appropriate.",
       "Escalate any independence conflicts identified during an audit engagement."
      ],
      "failure_signals": [
       "Bias testing conducted by the same team that built the model without documented independence controls.",
       "Testing protocol not documented before testing begins."
      ]
     },
     "legal_counsel": {
      "summary": "For systems subject to NYC LL144 or analogous regulations, confirm that the selected auditor meets statutory independence requirements and that disclosure obligations are satisfied.",
      "actions": [
       "Review auditor independence documentation against NYC LL144 definitions.",
       "Advise on disclosure timing and content requirements.",
       "Review audit report before public disclosure for legal privilege and confidentiality considerations."
      ],
      "failure_signals": [
       "Auditor independence not validated before engagement for LL144-scoped systems.",
       "Audit summary report not published within required timeframe."
      ]
     },
     "data_scientist": {
      "summary": "Provide data access, feature documentation, and technical support to the independent auditor while maintaining audit integrity—do not alter data or models during the audit period.",
      "actions": [
       "Prepare a reproducible data extract for the audit period following the documented sampling protocol.",
       "Document all features and their derivation for auditor review.",
       "Do not modify models, features, or scoring thresholds during the active audit window."
      ],
      "failure_signals": [
       "Model or feature changes made during the audit period without auditor notification.",
       "Data extract not reproducible from documented sampling protocol."
      ]
     },
     "grc_auditor": {
      "summary": "Verify that independent bias testing is conducted on schedule, that independence criteria are met, and that audit findings are properly disclosed and remediated.",
      "actions": [
       "Confirm auditor independence documentation for each audit engagement.",
       "Review audit report completeness against protocol requirements.",
       "Track remediation of audit findings against SLA."
      ],
      "metrics": [
       "Audit protocol documentation coverage: 100% of systems subject to fairness requirements.",
       "Auditor independence documentation completed before audit start: 100%.",
       "Audit findings remediated within SLA: target 90% or above."
      ],
      "failure_signals": [
       "Audit conducted without a pre-existing documented protocol.",
       "Independence documentation missing for any audit engagement."
      ]
     },
     "business_stakeholder": {
      "summary": "Business sponsors must ensure budget and resourcing for independent bias testing is included in the AI system lifecycle plan.",
      "actions": [
       "Include independent bias testing cost and timeline in AI system project budget.",
       "Ensure production data access for auditors is provisioned in the project plan."
      ],
      "failure_signals": [
       "Independent bias testing deferred due to budget or timeline constraints.",
       "Auditor data access not provisioned before scheduled audit start."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Documented independent bias testing protocols are rare; most organizations conduct ad hoc internal testing without documented methodology or independence controls."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise"
    ],
    "implementers": [
     "Ethics Team",
     "Data Science",
     "Legal Counsel",
     "Third-Party Auditor"
    ],
    "frameworks": [
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 9(6)",
      "fit": "direct",
      "rationale": "Article 9(6) of the EU AI Act requires that high-risk AI systems be tested against preliminary identified risk management measures, including bias. This control operationalizes that testing requirement with documented independent methodology.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "MEASURE 2.11",
      "fit": "direct",
      "rationale": "NIST AI RMF MEASURE 2.11 recommends that fairness and bias evaluations use diverse evaluation methods including external red-teaming and independent assessment. This control establishes the independence and documentation requirements that make such external assessment credible.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§9.1",
      "fit": "direct",
      "rationale": "ISO/IEC 42001 §9.1 requires the organization to monitor, measure, analyze, and evaluate its AI management system, including the effectiveness of controls. Independent bias testing is the primary measurement mechanism for fairness controls.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "acm_ethics",
      "requirement_id": "§2.5",
      "fit": "partial",
      "rationale": "ACM Code of Ethics §2.5 requires professional integrity in work products, which includes not allowing conflicts of interest to compromise the objectivity of technical assessments. Independence requirements in bias testing are the operational expression of this professional ethics obligation.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-06-29",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goal A2 (Oversight of significant adverse impacts)",
      "fit": "partial",
      "rationale": "Microsoft Responsible AI Standard v2 Goal A2 (oversight of significant adverse impacts) subjects high-impact AI systems to additional review, supporting independent fairness assessment. This control aligns with that recommendation and extends it with documented protocol requirements and regulatory alignment for NYC LL144-scoped systems.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "owasp_ai_exchange",
      "requirement_id": "unwantedbiastesting",
      "fit": "direct",
      "rationale": "FA-04 requires a pre-registered, conflict-free bias-testing protocol with retained findings, directly operationalizing AI Exchange's UNWANTED BIAS TESTING.",
      "normative_force": "industry-framework",
      "source_version": "continuously-updated",
      "reviewed_on": "2026-07-08",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "mitre",
      "requirement_id": "AML.M0008",
      "fit": "supporting",
      "direction": "control-supports-requirement",
      "rationale": "Control \"Bias testing for AI systems subject to fairness requirements must be executed under a…\" enacts ATLAS mitigation AML.M0008 Validate AI Model; OpenCRE crosswalks this control’s OWASP AI Exchange concept (unwantedbiastesting) to this mitigation.",
      "source_version": "v2026.06",
      "reviewed_on": "2026-07-08",
      "source_status": "authoritative",
      "mapping_confidence": "medium",
      "legal_status": "not-applicable",
      "control_readiness": "approved",
      "implementation_maturity": "developing",
      "assurance_result": "not-assessed",
      "evidence_status": "no-evidence",
      "normative_force": "industry-framework",
      "basis": "asserted",
      "relation": "equivalent_to",
      "correction": "ap38-opencre-enhancement 2026-07-08"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/FA-04",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "Bias testing for AI systems subject to fairness requirements must be executed under a documented, pre-registered protocol by a tester with no organizational conflict of interest with the model development team, with all findings retained in an immutable log and reported without post-hoc filtering.",
    "evidence_required": [
     "independent_bias_test_protocol_document published prior to test execution specifying methodology, test datasets, metrics, and pass/fail thresholds",
     "tester_independence_certification confirming the testing entity or individual has no direct reporting relationship to or financial interest in the model development team, signed by a party outside the model development chain",
     "bias_test_execution_log with timestamped test runs, inputs, and outputs in an immutable or append-only store preventing retroactive modification",
     "bias_test_findings_report including all findings (not only passing results) with statistical support, identified disparity locations, and remediation recommendations"
    ],
    "machine_tests": [
     "Check bias_test_protocol_document → assert published_date is strictly before test_execution_start_date recorded in the execution log (no retroactive protocol definition)",
     "Verify tester_independence_certification → assert certification_signer is outside the model development organizational unit and certification_date is within 90 days of test execution start",
     "Parse bias_test_execution_log → assert log entries are append-only with no deletion or modification events in the audit trail since test commencement"
    ],
    "human_review": [
     "Assess whether the tester's independence is substantive — verify no shared management chain, financial incentive structure, or reputational dependence on favorable results",
     "Review the bias test protocol before execution to confirm it covers all protected characteristics from FA-01 and all metrics selected in FA-03, approving the protocol before test execution begins",
     "Verify that the findings report was not filtered or redacted before submission to governance reviewers, and that all identified bias issues appear in the delivered findings"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Designating a member of the model development team as independent tester based on nominal organizational separation while they remain subject to the same product delivery incentives",
     "Designing the test protocol after viewing preliminary model results, allowing the protocol to be structured to produce favorable outcomes",
     "Reporting only test results that pass the defined thresholds while omitting findings revealing disparate impact on protected subgroups",
     "Treating a single pre-deployment test as satisfying ongoing independence requirements for systems that continue to learn or update post-deployment",
     "Allowing the model development team to select or brief the independent tester in ways that create dependency or communicate desired outcomes before the engagement begins"
    ],
    "update_status": "current",
    "layer_code": "FA"
   },
   {
    "id": "FA-05",
    "layer": "FA",
    "plane": "control",
    "name": "NYC Local Law 144 and Analogous Audit Compliance",
    "plain": "AI systems that qualify as Automated Employment Decision Tools under NYC Local Law 144, or equivalent automated decision tools under analogous regulations, must comply with applicable audit, disclosure, and candidate notice requirements before use.",
    "threat": {
     "tags": [
      "regulatory-noncompliance",
      "aedt-scope-miss",
      "disclosure-failure",
      "audit-gap"
     ],
     "desc": "NYC Local Law 144 imposes specific requirements on employers and employment agencies using AEDTs in New York City, including annual independent bias audits, public posting of audit summaries, and candidate notice and accommodation rights. Organizations that fail to identify in-scope tools, engage unqualified auditors, or omit required disclosures face regulatory enforcement, civil liability, and reputational harm. The regulatory landscape for automated employment and credit decisions is rapidly expanding beyond NYC, and organizations that treat LL144 as a point-in-time compliance exercise will face repeated remediation cycles as analogous laws take effect."
    },
    "standard": [
     {
      "id": "eu_ai_act",
      "section": "Art. 26",
      "title": "Obligations of deployers of high-risk AI systems"
     },
     {
      "id": "nist_rmf",
      "section": "GOVERN 4.1",
      "title": "Organizational accountability for AI legal compliance"
     },
     {
      "id": "iso_42001",
      "section": "4.2",
      "title": "Understanding the needs and expectations of interested parties"
     },
     {
      "id": "oecd_ai_principles",
      "section": "Principle 1.5",
      "title": "Accountability of AI actors"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/FA-05 NYC Local Law 144 and Analogous Audit Compliance control.",
      "reviewed_on": "2026-07-01"
     }
    ],
    "implementation": {
     "pattern": "Maintain an AEDT Applicability Register that identifies all AI-informed employment decision tools, assesses their scope under NYC LL144 and analogous regulations, and tracks compliance status for each requirement: annual audit, audit summary publication, candidate notice, and accommodation process.",
     "steps": [
      "Survey all AI systems used in hiring, promotion, and employment decision processes to identify those meeting the AEDT definition under NYC LL144.",
      "For each in-scope AEDT, document the annual audit schedule, the selected auditor confirming independence per LL144 definitions, and the audit scope covering race/ethnicity and sex scoring rate analysis.",
      "Post the required audit summary to a publicly accessible URL at least 10 days before deploying the AEDT to NYC-based job candidates or employees.",
      "Implement candidate notice processes: inform applicants and employees that an AEDT is being used and provide the option to request an alternative selection process.",
      "Monitor analogous regulatory developments in other jurisdictions including EU AI Act employment provisions and state-level equivalents, and update the register when new requirements apply."
     ],
     "ethics_officer": {
      "summary": "LL144 compliance is not solely a legal function—the ethics program must maintain the AEDT register and ensure audit quality standards exceed minimum legal requirements.",
      "actions": [
       "Maintain the AEDT Applicability Register and review it quarterly.",
       "Ensure audit quality meets ethics program standards, not only minimum legal standards.",
       "Monitor analogous regulatory developments and update compliance protocols accordingly."
      ],
      "failure_signals": [
       "AEDT register not reviewed in the past quarter.",
       "New hiring tools deployed without AEDT applicability assessment."
      ]
     },
     "legal_counsel": {
      "summary": "Legal counsel owns the legal compliance determination for LL144 and must confirm auditor independence, disclosure content, and notice process design.",
      "actions": [
       "Confirm AEDT applicability determinations in the register for each tool.",
       "Review audit summary content before public posting for accuracy and legal adequacy.",
       "Design and review candidate notice language for compliance with LL144 §20-871."
      ],
      "failure_signals": [
       "Audit summary posted without legal review.",
       "Candidate notice not implemented or not reflecting current audit status."
      ]
     },
     "data_scientist": {
      "summary": "Prepare the technical data package required for LL144 audits—scoring rate data disaggregated by race/ethnicity and sex—and support the auditor's data access.",
      "actions": [
       "Generate disaggregated scoring rate analysis (impact ratio) by race/ethnicity and sex categories for the audit period.",
       "Provide the auditor with a reproducible data extract and feature documentation.",
       "Verify audit findings against internally computed baseline metrics."
      ],
      "failure_signals": [
       "Scoring rate data not disaggregated to required demographic granularity.",
       "Data extract for audit not reproducible."
      ]
     },
     "grc_auditor": {
      "summary": "Verify that all in-scope AEDTs have completed required annual audits, that summaries are publicly posted, and that candidate notice processes are implemented.",
      "actions": [
       "Review AEDT register completeness against known hiring tool inventory.",
       "Confirm annual audit completion dates and public posting URLs.",
       "Test candidate notice process for a sample of active job postings."
      ],
      "metrics": [
       "AEDT audit completion rate: 100% of in-scope tools audited annually.",
       "Audit summary public posting: completed 10 or more days before AEDT deployment.",
       "Candidate notice implementation: 100% of NYC-located job postings with AEDT use."
      ],
      "failure_signals": [
       "Any in-scope AEDT without a completed annual audit.",
       "Audit summary not publicly posted or removed without replacement."
      ]
     },
     "business_stakeholder": {
      "summary": "HR, talent acquisition, and business leaders deploying AEDTs in NYC must understand their obligations and ensure procurement and deployment processes include LL144 compliance gates.",
      "actions": [
       "Include LL144 compliance assessment in procurement checklist for any AI-assisted hiring or promotion tool.",
       "Ensure candidate notice process is implemented before activating AEDT for NYC candidates."
      ],
      "failure_signals": [
       "AEDT deployed for NYC candidates without ethics or legal review.",
       "Business unit unaware of candidate notice obligations."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "NYC LL144 took effect January 2023; compliance rates remain low particularly for mid-market employers. Most organizations lack an AEDT applicability register and have not mapped analogous emerging regulations."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai"
    ],
    "implementers": [
     "Legal Counsel",
     "HR / Talent Acquisition",
     "Ethics Team",
     "Data Science"
    ],
    "frameworks": [
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 26",
      "fit": "partial",
      "rationale": "EU AI Act Article 26 imposes obligations on deployers of high-risk AI systems including maintaining logs, ensuring human oversight, and informing individuals subject to automated decisions. NYC LL144-scoped systems should be governed in parallel with EU AI Act deployer obligations where both regimes apply.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "GOVERN 4.1",
      "fit": "direct",
      "rationale": "NIST AI RMF GOVERN 4.1 establishes that organizational accountability structures must address legal and regulatory compliance requirements for AI. The AEDT compliance program is the accountability mechanism for the specific legal obligations imposed by LL144.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§4.2",
      "fit": "partial",
      "rationale": "ISO/IEC 42001 §4.2 requires understanding the needs and expectations of interested parties including regulatory bodies. LL144 compliance represents a binding regulatory expectation that must be built into the AI management system's context of operation.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.5",
      "fit": "partial",
      "rationale": "OECD AI Principle 1.5 (Accountability) requires AI actors to be accountable for the proper functioning of AI systems consistent with the principles. NYC LL144 compliance is a concrete legal accountability obligation, and the AEDT compliance program is the mechanism demonstrating adherence to the accountability principle.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goals A1–A5 (Accountability)",
      "fit": "adjacent",
      "rationale": "Microsoft Responsible AI Standard v2 Accountability Goals (A1–A5) address accountability for AI systems, including ensuring they are fit for purpose and governed under applicable law. LL144 represents a key accountability obligation that responsible AI programs must track and satisfy.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/FA-05",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "Any Automated Employment Decision Tool used in New York City, and any analogous automated decision system subject to equivalent regulation, must complete an annual independent bias audit from a qualified auditor, publish the audit summary per regulatory timelines, and provide candidates with compliant notice and accommodation options before the tool is applied to them.",
    "evidence_required": [
     "aedt_scope_determination_record documenting assessment of each automated employment decision tool against NYC LL144 §20-869 and analogous regulatory criteria, with conclusions on in-scope vs. out-of-scope status for each tool",
     "annual_bias_audit_report from an independent auditor meeting LL144 §20-871 requirements, with adverse impact ratios by sex and race/ethnicity categories as required by DCWP rules",
     "public_audit_summary_posting_record with URL and publication_date confirming posting at least 10 business days before AEDT use or annual renewal",
     "candidate_notice_template and delivery_log confirming individualized notice was provided to each candidate prior to AEDT use, with accommodation pathway described and contact information for opt-out requests",
     "auditor_qualification_record confirming auditor independence from the AI vendor and methodology compliance with NYC DCWP administrative rules"
    ],
    "machine_tests": [
     "Query aedt_inventory → assert every tool deployed in New York employment contexts has a current scope_determination_record with determination_date within 12 months and a compliance_status field",
     "Check annual_bias_audit_report → assert audit_completion_date is within 365 days of the prior audit or initial deployment, and adverse impact ratios are present for all required demographic categories per DCWP rules",
     "Verify public_posting_record → assert audit_summary_published_date is at least 10 business days before the AEDT deployment_date or annual_renewal_date recorded in the system"
    ],
    "human_review": [
     "Assess whether the scope determination correctly identifies all tools qualifying as AEDTs under LL144, including tools that substantially assist or replace discretionary employment decisions rather than fully automating them",
     "Review auditor qualification documentation to confirm the auditor satisfies NYC DCWP independence requirements and has no commercial relationship with the AI vendor that would compromise objectivity",
     "Verify that candidate notice procedures are operationally tested and that accommodation requests (e.g., opt-out of AEDT and use of alternative process) can be fulfilled before the tool is applied to any candidate"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Narrowly interpreting AEDT scope to exclude tools that 'assist' rather than 'replace' human decisions, missing tools that substantially influence employment outcomes within LL144 scope",
     "Commissioning a bias audit from an auditor with a pre-existing commercial relationship with the AI vendor, compromising the independence required by DCWP administrative rules",
     "Publishing the audit summary after AEDT deployment begins rather than at least 10 business days before, violating the LL144 advance notice timeline",
     "Treating LL144 compliance as a one-time certification rather than an annual renewal cycle requiring a fresh independent audit and updated public posting each year",
     "Providing candidate notice in a format or language inaccessible to the candidate population, rendering the notice requirement procedurally satisfied but substantively ineffective"
    ],
    "update_status": "current",
    "layer_code": "FA"
   },
   {
    "id": "FA-06",
    "layer": "FA",
    "plane": "data",
    "name": "Disparate Impact Analysis",
    "plain": "AI systems subject to fairness requirements must undergo statistical disparate impact analysis comparing decision outcome rates across demographic groups, with analysis performed at the protected characteristic level identified in FA-01 and using the metrics selected in FA-03.",
    "threat": {
     "tags": [
      "disparate-impact",
      "statistical-bias",
      "intersectional-harm",
      "threshold-manipulation"
     ],
     "desc": "Disparate impact where a facially neutral practice produces disproportionately adverse outcomes for a protected group can arise even from AI systems built without discriminatory intent. Aggregate model performance metrics mask group-level disparities: a system with 90% overall accuracy may have 95% accuracy for the majority group and 75% for a minority group. Threshold choices in binary classifiers can be adjusted post-hoc to satisfy one group parity metric while widening disparities on others. Intersectional analysis examining subgroups defined by combinations of protected characteristics frequently reveals harms invisible to single-characteristic analysis."
    },
    "standard": [
     {
      "id": "nist_rmf",
      "section": "MEASURE 2.11",
      "title": "Quantitative fairness measurement across demographic groups"
     },
     {
      "id": "eu_ai_act",
      "section": "Art. 10(5)",
      "title": "Testing datasets and demographic disaggregation"
     },
     {
      "id": "ibm_ai_fairness",
      "section": "Disparate impact metric",
      "title": "AIF360 disparate impact ratio and four-fifths rule analysis"
     },
     {
      "id": "ieee_7000",
      "section": "Clause 9",
      "title": "Ethical requirements definition — measurable non-discrimination criteria"
     }
    ],
    "sources": [
     {
      "id": "ibm_ai_fairness_360_2021",
      "title": "IBM AI Fairness 360 (AIF360)",
      "authority": "IBM Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2018",
      "published_on": "2018-09-19",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://github.com/Trusted-AI/AIF360",
      "license": "open-source-apache2",
      "status": "current",
      "flagship": false,
      "source_id": "ibm_ai_fairness_360_2021",
      "relationship": "informative_reference",
      "rationale": "Establishes IBM AI Fairness 360 (AIF360) requirements informing the apeiris://ethics/controls/FA-06 Disparate Impact Analysis control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Conduct a Disparate Impact Analysis (DIA) for each AI system at pre-deployment and on a defined re-assessment cadence. The DIA applies the four-fifths (80%) rule as a primary screening threshold and supplements it with statistical significance testing. Intersectional analysis is required for systems where intersectional harm pathways are plausible.",
     "steps": [
      "Compute selection rates (favorable outcome rates) for each protected group and the most-favored group for each decision output.",
      "Apply the four-fifths rule: flag any protected group whose selection rate is below 80% of the most-favored group's selection rate as a potential adverse impact finding.",
      "Apply Fisher's exact test or chi-square test to determine statistical significance of flagged disparities, correcting for multiple comparisons.",
      "Perform intersectional analysis for at least two cross-characteristic combinations identified as plausible harm pathways.",
      "Document all findings, effect sizes, statistical significance levels, and recommended remediation actions."
     ],
     "ethics_officer": {
      "summary": "Disparate impact analysis is the primary quantitative evidence of fairness compliance. Ensure the analysis scope includes intersectional analysis where warranted and that findings drive remediation decisions.",
      "actions": [
       "Approve DIA scope including intersectional analysis requirements before execution.",
       "Review DIA findings and determine which findings require remediation escalation under FA-07.",
       "Ensure DIA cadence is documented and adhered to post-deployment."
      ],
      "failure_signals": [
       "DIA scope excludes intersectional analysis without documented justification.",
       "DIA findings not reviewed by ethics officer before deployment decision."
      ]
     },
     "legal_counsel": {
      "summary": "Review DIA findings for legally actionable disparate impact and advise on whether findings require remediation before deployment or create litigation exposure.",
      "actions": [
       "Review four-fifths rule screening results for legally significant findings.",
       "Advise on the legal significance of statistically significant disparities falling below the four-fifths threshold.",
       "Document legal analysis of DIA findings in the system's legal risk register."
      ],
      "failure_signals": [
       "Legally significant four-fifths rule findings not reviewed by legal counsel before deployment.",
       "DIA findings not documented in the legal risk register."
      ]
     },
     "data_scientist": {
      "summary": "Execute the statistical analysis components of the DIA with appropriate rigor, document all methodological choices, and ensure findings are reproducible from the provided data extract.",
      "actions": [
       "Implement four-fifths rule computation and significance testing using validated statistical libraries.",
       "Apply Bonferroni or Benjamini-Hochberg correction for multiple comparisons across protected groups.",
       "Produce a reproducible analysis report with documented methodology, assumptions, and sensitivity analyses."
      ],
      "failure_signals": [
       "Multiple comparisons correction not applied when testing across multiple protected groups.",
       "Analysis not reproducible from documented methodology and data extract."
      ]
     },
     "grc_auditor": {
      "summary": "Verify that DIA is conducted on schedule, covers required protected characteristics, applies appropriate statistical methodology, and that findings drive remediation under FA-07.",
      "actions": [
       "Review DIA reports for methodology completeness and protected characteristic coverage.",
       "Confirm statistical significance testing and multiple comparisons correction are documented.",
       "Track DIA findings to remediation closure under FA-07."
      ],
      "metrics": [
       "DIA coverage: 100% of high-risk AI systems analyzed pre-deployment and annually.",
       "Four-fifths rule findings remediated or formally accepted with documented justification: 100%.",
       "Intersectional analysis coverage: documented for all systems with plausible intersectional harm pathways."
      ],
      "failure_signals": [
       "DIA findings without documented remediation decision.",
       "Statistical methodology not documented in DIA report."
      ]
     },
     "business_stakeholder": {
      "summary": "Business stakeholders must understand disparate impact findings for their AI systems and formally accept or reject remediation recommendations based on business and ethical considerations.",
      "actions": [
       "Review plain-language DIA summary and understand the business implications of flagged findings.",
       "Formally accept or reject remediation recommendations with documented rationale."
      ],
      "failure_signals": [
       "Business stakeholder unaware of four-fifths rule findings for their deployed system.",
       "Remediation decisions deferred without documented rationale."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "managed",
     "notes": "Disaggregated statistical analysis is uncommon outside financial services and employment sectors; most AI performance reporting uses aggregate metrics only."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise",
     "multi-tenant"
    ],
    "implementers": [
     "Data Science",
     "Ethics Team",
     "Legal Counsel",
     "Risk Management"
    ],
    "frameworks": [
     {
      "framework": "nist_rmf",
      "requirement_id": "MEASURE 2.11",
      "fit": "direct",
      "rationale": "NIST AI RMF MEASURE 2.11 requires that fairness and bias are evaluated and results demonstrated, which entails quantitative measurement disaggregated by demographic group. The four-fifths rule analysis and significance testing required by this control directly satisfy the quantitative measurement requirement.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 10(5)",
      "fit": "direct",
      "rationale": "EU AI Act Article 10(5) requires that testing datasets for high-risk AI systems enable monitoring for bias. Disaggregated disparate impact analysis across demographic groups is the primary mechanism for monitoring the output bias that Art. 10(5) requires.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "ibm_ai_fairness",
      "requirement_id": "Disparate impact metric (four-fifths rule)",
      "fit": "direct",
      "rationale": "AIF360 implements the disparate impact ratio — the selection-rate comparison underlying the four-fifths rule — alongside statistical parity difference for disaggregated group analysis. FA-06's disparate impact analysis can compute its required metrics with these implementations, adding the significance testing and multiple-comparisons corrections the control requires.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "Clause 9 (Ethical requirements definition)",
      "fit": "partial",
      "rationale": "IEEE 7000-2021 clause 9 requires that elicited values be translated into verifiable ethical requirements with measurable satisfaction criteria. Disparate impact analysis is the primary quantitative method for verifying the non-discrimination requirement of AI decision systems.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "eu_charter",
      "requirement_id": "Art. 21",
      "fit": "partial",
      "rationale": "The EU Charter Art. 21 non-discrimination right requires that effects of AI systems on protected groups be measurable and demonstrably non-discriminatory. Disparate impact analysis is the quantitative demonstration of compliance with this fundamental right.",
      "normative_force": "binding-law",
      "source_version": "2012/C 326/02",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "owasp_ai_exchange",
      "requirement_id": "unwantedbiastesting",
      "fit": "supporting",
      "rationale": "FA-06's statistical disparate-impact analysis disaggregates outcomes by protected characteristic, producing the quantitative bias findings the AI Exchange control seeks.",
      "normative_force": "industry-framework",
      "source_version": "continuously-updated",
      "reviewed_on": "2026-07-08",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "mitre",
      "requirement_id": "AML.M0008",
      "fit": "supporting",
      "direction": "control-supports-requirement",
      "rationale": "Control \"Every AI system subject to fairness requirements must have a completed statistical…\" enacts ATLAS mitigation AML.M0008 Validate AI Model; OpenCRE crosswalks this control’s OWASP AI Exchange concept (unwantedbiastesting) to this mitigation.",
      "source_version": "v2026.06",
      "reviewed_on": "2026-07-08",
      "source_status": "authoritative",
      "mapping_confidence": "medium",
      "legal_status": "not-applicable",
      "control_readiness": "approved",
      "implementation_maturity": "developing",
      "assurance_result": "not-assessed",
      "evidence_status": "no-evidence",
      "normative_force": "industry-framework",
      "basis": "asserted",
      "relation": "equivalent_to",
      "correction": "ap38-opencre-enhancement 2026-07-08"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/FA-06",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "Every AI system subject to fairness requirements must have a completed statistical disparate impact analysis that disaggregates decision outcomes by each protected characteristic in the FA-01 register using the metrics selected in FA-03, includes intersectional subgroup analysis, applies multiple comparisons correction, and documents a threshold sensitivity analysis to confirm findings are not threshold-specific.",
    "evidence_required": [
     "disparate_impact_analysis_report with adverse_impact_ratio computed per protected characteristic and per intersectional subgroup, using selected fairness metrics with statistical significance testing and multiple comparisons correction applied",
     "disaggregated_outcome_dataset showing predicted decision rates per demographic group with confidence intervals and group sample sizes",
     "four_fifths_rule_analysis_record for employment and credit contexts showing selection rate ratios by protected characteristic relative to the most-favored group",
     "intersectional_subgroup_analysis_report confirming that pairwise combinations of protected characteristics were evaluated for all subgroups with sample size ≥ 30",
     "threshold_sensitivity_analysis documenting outcome disparity ratios tested across a range of decision thresholds to verify findings are not an artifact of a single threshold value"
    ],
    "machine_tests": [
     "Compute adverse impact ratios for each protected characteristic on the test set → assert all ratios ≥ 0.80 (four-fifths rule) or generate a finding record for each group below threshold requiring documented disposition",
     "Run significance test on outcome rate differences per protected group → assert p-values are corrected for multiple comparisons using Bonferroni or Benjamini-Hochberg correction before any group is declared compliant",
     "Execute intersectional analysis on pairwise combinations of protected characteristics → assert analysis covers all pairs with sample size ≥ 30 and flags underpowered pairs rather than assuming compliance"
    ],
    "human_review": [
     "Review adverse impact ratios for any subgroup falling below the four-fifths threshold and assess whether proposed mitigations are commensurate with the magnitude and size of the affected population",
     "Assess whether intersectional analysis sample sizes are adequate and whether low-count subgroups are treated conservatively (flagged as underpowered rather than assumed compliant due to non-significant results)",
     "Verify that the threshold sensitivity analysis used a sufficiently wide range of values and that the compliance conclusion does not depend on a narrow range of threshold choices that may change post-deployment"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Reporting a single aggregate adverse impact ratio that masks group-level disparities across individual protected characteristics",
     "Selecting a decision threshold post-hoc that satisfies the four-fifths rule for the majority group while creating sub-0.80 ratios for intersectional subgroups that were not separately analyzed",
     "Treating small sample sizes in protected subgroups as justification for excluding those subgroups from analysis rather than flagging the analysis as underpowered",
     "Failing to apply multiple comparisons correction when testing disparate impact across many demographic groups, producing false-positive fairness findings through statistical artifacts",
     "Conflating statistical non-significance of disparity differences with practical fairness, reporting p > 0.05 as evidence of compliance without examining effect sizes and the risk of underpowered tests"
    ],
    "update_status": "current",
    "layer_code": "FA"
   },
   {
    "id": "FA-07",
    "layer": "FA",
    "plane": "lifecycle",
    "name": "Bias Remediation Governance",
    "plain": "The organization must define and operate a bias remediation governance process that specifies how bias findings are classified by severity, escalated to appropriate decision-making authority, assigned to remediation owners, remediated through documented technical or operational changes, and verified as resolved.",
    "threat": {
     "tags": [
      "unmitigated-bias",
      "remediation-gap",
      "escalation-failure",
      "recurrence"
     ],
     "desc": "Organizations that conduct thorough bias detection but lack a governed remediation process accumulate findings without resolution. Without severity classification, every finding receives the same insufficient attention. Without escalation paths, findings that require executive action stall at the working level. Without remediation verification, purported fixes may reduce one bias metric while increasing another. Recurrence without root cause analysis leads to repeated short-term mitigations that do not address systemic causes, creating a cycle of re-detection and re-remediation that erodes confidence in the fairness program."
    },
    "standard": [
     {
      "id": "iso_42001",
      "section": "10.1",
      "title": "Continual improvement and corrective action"
     },
     {
      "id": "nist_rmf",
      "section": "MANAGE 1.3",
      "title": "Documented risk response for high-priority AI risks"
     },
     {
      "id": "eu_ai_act",
      "section": "Art. 9(1)",
      "title": "Risk management system — ongoing corrective measures"
     },
     {
      "id": "ieee_7000",
      "section": "Clause 9",
      "title": "Ethical requirements conformance and corrective action"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/FA-07 Bias Remediation Governance control.",
      "reviewed_on": "2026-07-01"
     }
    ],
    "implementation": {
     "pattern": "Implement a Bias Remediation Governance Process (BRGP) that classifies findings by severity (critical, high, medium, low), assigns escalation paths and decision authorities by severity level, tracks remediation to verified closure, and requires root cause analysis for critical and high findings.",
     "steps": [
      "Define severity classification criteria: critical (legally actionable disparate impact, deployment blocker), high (statistically significant four-fifths rule finding requiring executive review), medium (trend requiring monitoring), low (informational).",
      "Assign escalation paths: critical findings escalate to Chief Ethics Officer and General Counsel within 24 hours; high findings escalate to ethics review board within 5 business days.",
      "Assign each finding a remediation owner and a target remediation date; remediation options include data rebalancing, feature removal, threshold adjustment, model replacement, and operational mitigation.",
      "Verify remediation effectiveness by re-running the original bias test after remediation and confirming the finding is resolved without introducing new disparities.",
      "For critical and high findings, complete a root cause analysis and document structural corrective actions to prevent recurrence."
     ],
     "ethics_officer": {
      "summary": "Bias remediation governance is the accountability mechanism for the fairness program. Chair the ethics review board and ensure critical findings are escalated and resolved with appropriate urgency.",
      "actions": [
       "Chair monthly bias remediation review board meetings.",
       "Ensure critical findings are escalated to the correct decision authority within 24 hours.",
       "Review root cause analyses for critical and high findings and approve structural corrective actions."
      ],
      "failure_signals": [
       "Critical finding not escalated within 24-hour SLA.",
       "Remediation closed without verification re-test."
      ]
     },
     "legal_counsel": {
      "summary": "Advise on whether critical and high findings create legal exposure requiring immediate operational changes or regulatory notification, and review remediation plans for legal adequacy.",
      "actions": [
       "Assess critical findings for regulatory notification obligations.",
       "Review proposed remediation plans for legally significant findings.",
       "Advise on residual legal risk after remediation verification."
      ],
      "failure_signals": [
       "Legally significant finding remediated without legal review of the remediation approach.",
       "Regulatory notification obligation not assessed for critical findings."
      ]
     },
     "data_scientist": {
      "summary": "Implement technical remediation options and conduct verification re-testing to confirm remediation effectiveness without introducing new disparities.",
      "actions": [
       "Evaluate technical remediation options including data rebalancing, adversarial debiasing, and threshold calibration, then recommend the optimal approach.",
       "Implement approved remediation and re-run bias tests on a held-out verification dataset.",
       "Document that remediation did not introduce new disparities on other protected characteristics."
      ],
      "failure_signals": [
       "Remediation implemented without verification re-test on held-out data.",
       "Verification tests only check the original finding without testing for new disparities on other characteristics."
      ]
     },
     "grc_auditor": {
      "summary": "Track all open bias findings through the remediation lifecycle, verify that SLAs are met, and confirm that verification re-tests are completed before findings are closed.",
      "actions": [
       "Maintain the bias finding register and track open findings against SLAs.",
       "Verify that verification re-tests are completed before closing remediated findings.",
       "Report on SLA adherence and finding age at quarterly governance reviews."
      ],
      "metrics": [
       "Critical finding escalation SLA adherence: 100% within 24 hours.",
       "High finding escalation SLA: 100% within 5 business days.",
       "Findings closed with verified remediation: 100%.",
       "Average finding age at close for critical findings: target 30 days or fewer."
      ],
      "failure_signals": [
       "Any critical finding without escalation documentation within 24 hours.",
       "Any finding closed without a documented verification re-test."
      ]
     },
     "business_stakeholder": {
      "summary": "Business stakeholders must participate in remediation decisions that involve trade-offs between model performance and fairness outcomes, and must authorize operational mitigations where technical remediation is not feasible in the required timeframe.",
      "actions": [
       "Attend ethics review board for high and critical findings affecting their systems.",
       "Authorize operational mitigations such as human review escalation or system suspension when technical remediation will exceed SLA."
      ],
      "failure_signals": [
       "Critical findings remediated with purely technical fixes not reviewed by business for operational impact.",
       "Business stakeholders absent from remediation decisions that affect their customers or employees."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Formal bias remediation governance with severity classification, escalation paths, and verification requirements is rare; most organizations treat bias findings informally."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise"
    ],
    "implementers": [
     "Ethics Team",
     "Data Science",
     "Legal Counsel",
     "Risk Management"
    ],
    "frameworks": [
     {
      "framework": "iso_42001",
      "requirement_id": "§10.1",
      "fit": "direct",
      "rationale": "ISO/IEC 42001 §10.1 requires continual improvement through corrective actions when nonconformities are identified. The Bias Remediation Governance Process is the specific corrective action mechanism for fairness nonconformities identified through the ABIA, DIA, and bias testing controls.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "MANAGE 1.3",
      "fit": "direct",
      "rationale": "NIST AI RMF MANAGE 1.3 requires that responses to AI risks deemed high priority are developed, planned, and documented. The BRGP operationalizes documented risk response for bias findings with severity classification, escalation, and verification requirements.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 9(1)",
      "fit": "direct",
      "rationale": "EU AI Act Article 9(1) requires a risk management system that includes ongoing risk control measures throughout the AI system lifecycle. The BRGP is the ongoing corrective measure component of the risk management system for fairness risks.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "Clause 9 (Ethical requirements definition)",
      "fit": "partial",
      "rationale": "IEEE 7000-2021 clause 9 defines the ethical requirements a system must continue to satisfy; findings that a deployed system violates those requirements demand documented correction. This control implements that corrective discipline for bias findings, with root-cause documentation and structural remediation.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goal RS2 (Failures and remediations)",
      "fit": "partial",
      "rationale": "Microsoft Responsible AI Standard v2 Goal RS2 (failures and remediations) requires processes for identifying and remediating AI failures and harms, including bias. The BRGP aligns with the incident response model by providing classification, escalation, remediation, and verification stages.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/FA-07",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "The organization's Bias Remediation Governance Process (BRGP) is documented, operational, and demonstrably functions: every bias finding is classified by severity, escalated within defined SLAs, assigned to a remediation owner, resolved through a verified fix, and closed only after a verification re-test confirms resolution without introducing new disparities.",
    "evidence_required": [
     "bias_finding_register with fields: finding_id, severity_class, escalation_timestamp, escalation_target, remediation_owner, remediation_method, verification_retest_result, and closure_timestamp for each finding",
     "escalation_audit_log showing timestamped escalation events for each critical and high finding with receiving party and resolution pathway",
     "remediation_verification_report per closed finding, including re-test results on held-out verification dataset and confirmation that no new disparities were introduced on other protected characteristics",
     "root_cause_analysis_document for each critical and high finding, including structural corrective actions approved by the ethics officer",
     "ethics_review_board_minutes showing board convened within required cadence with attendance record, findings reviewed, and decisions made"
    ],
    "machine_tests": [
     "Query bias_finding_register for critical findings where (closure_timestamp - escalation_timestamp) > 24h → assert zero records found",
     "Query bias_finding_register for findings with status=closed where verification_retest_result is null or missing → assert zero records found",
     "Submit a synthetic critical finding to the BRGP intake endpoint → assert escalation notification dispatched to Chief Ethics Officer and General Counsel within 1 minute and status transitions to 'escalated'",
     "Query finding_register for high findings open more than 5 business days without escalation documentation → assert zero records returned"
    ],
    "human_review": [
     "Assess the BRGP severity classification criteria for completeness: verify that the definition of 'critical' includes legally actionable disparate impact and that escalation paths name specific role titles rather than generic teams",
     "Review a sample of 5 closed critical and high findings to verify that root cause analyses document structural corrective actions rather than point-in-time mitigations and that remediation verification re-tests used held-out data distinct from the detection dataset",
     "Verify that the ethics review board meeting cadence matches documented policy and that minutes record findings reviewed and decisions made, not just attendance"
    ],
    "blocking_effect": "requires-review",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Closing bias findings administratively without a documented verification re-test on held-out data, allowing unverified fixes to be declared resolved",
     "Treating all findings as equal priority regardless of severity, causing critical legally-actionable disparate impact findings to queue behind informational ones",
     "Escalation paths that name generic teams ('Legal', 'Ethics') rather than specific role titles with backup designees, causing critical findings to stall when primary contacts are unavailable",
     "Root cause analyses that describe what happened rather than why, producing corrective actions that only address the immediate finding without preventing recurrence",
     "Remediation verification tests that re-run the same bias metric that triggered the finding without checking whether the fix introduced disparities on other protected characteristics"
    ],
    "update_status": "current",
    "layer_code": "FA"
   },
   {
    "id": "FA-08",
    "layer": "FA",
    "plane": "both",
    "name": "Fairness and Accountability Evidence Package",
    "plain": "For each AI system subject to fairness controls, the organization must compile an FA-layer evidence package that aggregates attestation artifacts from FA-01 through FA-07, demonstrates that fairness controls are assessed, justified, and effective, and satisfies the evidentiary requirements of applicable regulations and audit frameworks.",
    "threat": {
     "tags": [
      "evidence-gap",
      "audit-failure",
      "regulatory-non-disclosure",
      "accountability-deficit"
     ],
     "desc": "Organizations may execute individual fairness controls competently but fail to assemble and maintain an integrated evidence package that demonstrates the full fairness assurance chain to auditors, regulators, and affected parties. Fragmented documentation scattered across teams and systems cannot support regulatory inquiry timelines, may be internally inconsistent, and fails to demonstrate that controls operate as a coherent system rather than isolated point solutions. An unassembled evidence package also prevents the organization from detecting gaps such as controls executed without cross-linking findings to remediation."
    },
    "standard": [
     {
      "id": "eu_ai_act",
      "section": "Art. 11 + Annex IV",
      "title": "Technical documentation and evidence requirements for high-risk AI"
     },
     {
      "id": "iso_42001",
      "section": "9.3",
      "title": "Management review and evidence of AI governance"
     },
     {
      "id": "nist_rmf",
      "section": "GOVERN 4.2",
      "title": "Documentation of AI risks and impacts supporting accountability"
     },
     {
      "id": "oecd_ai_principles",
      "section": "Principle 1.5",
      "title": "Accountability through documented evidence and transparency"
     }
    ],
    "sources": [
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/FA-08 Fairness and Accountability Evidence Package control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Compile an FA Evidence Package for each AI system at pre-deployment and refresh it at each annual review cycle. The package assembles attestation artifacts from all seven FA controls into a structured dossier that can be produced on demand for regulatory inquiry, internal audit, or external third-party review.",
     "steps": [
      "Define the FA Evidence Package structure: an index document plus artifact pointers to the Protected Characteristic Register (FA-01), ABIA report (FA-02), Fairness Metric Justification Document (FA-03), bias testing protocol and audit report (FA-04), AEDT compliance documentation (FA-05), DIA report (FA-06), and bias finding register with remediation records (FA-07).",
      "Compile the package index with artifact version, date, author, reviewer, and completeness status for each required artifact.",
      "Conduct an internal completeness review: verify cross-consistency such as DIA using metrics from FA-03, audit covering characteristics from FA-01, and remediation records referencing DIA findings.",
      "Sign the package index with an ethics officer attestation and record it in the AI system's governance record.",
      "Store the package in a designated repository with version control and retention period aligned to applicable legal requirements (minimum 3 years or as required by regulation)."
     ],
     "ethics_officer": {
      "summary": "The FA Evidence Package is the primary deliverable demonstrating that the organization's fairness assurance program is operational and effective for each AI system.",
      "actions": [
       "Sign the package index attestation for each compiled FA Evidence Package.",
       "Review cross-consistency findings from the completeness review and resolve any gaps before attestation.",
       "Ensure package retention and accessibility for regulatory inquiry."
      ],
      "failure_signals": [
       "Evidence package not compiled within 30 days of AI system deployment.",
       "Package attestation not signed by ethics officer."
      ]
     },
     "legal_counsel": {
      "summary": "Verify that the evidence package satisfies applicable regulatory documentation requirements and advise on retention, privilege, and disclosure obligations.",
      "actions": [
       "Review the package index against regulatory documentation requirements for each applicable jurisdiction.",
       "Advise on attorney-client privilege treatment of legal risk assessments included in the package.",
       "Confirm retention period and storage location meet legal requirements."
      ],
      "failure_signals": [
       "Evidence package lacks required documentation for a jurisdiction in which the system is deployed.",
       "Retention period not documented or shorter than the applicable legal requirement."
      ]
     },
     "data_scientist": {
      "summary": "Ensure all technical artifacts in the evidence package are reproducible, versioned, and linked to the specific model version they assess.",
      "actions": [
       "Tag all technical artifacts with the model version, data version, and analysis software version to ensure reproducibility.",
       "Confirm that bias test artifacts are linked to the correct audit protocol version from FA-04.",
       "Verify DIA and ABIA artifacts use metrics from the current Fairness Metric Justification Document."
      ],
      "failure_signals": [
       "Technical artifacts not version-tagged to the specific model and dataset they assess.",
       "DIA or ABIA report uses different metrics than the current Fairness Metric Justification Document."
      ]
     },
     "grc_auditor": {
      "summary": "Audit evidence package completeness and cross-consistency, and verify that the package is refreshed on the required schedule and accessible for external review.",
      "actions": [
       "Conduct completeness review against the required artifact checklist for each evidence package.",
       "Test package accessibility and confirm the storage location is accessible for regulatory inquiry within required response time.",
       "Track evidence package refresh cadence and flag packages not refreshed within 12 months of last version."
      ],
      "metrics": [
       "FA Evidence Package coverage: 100% of AI systems subject to fairness requirements have a current package.",
       "Package completeness rate (all required artifacts present and signed): target 100%.",
       "Package refresh cadence: annual review completed within 12 months of last review.",
       "Regulatory inquiry response time: package producible within 72 hours of request."
      ],
      "failure_signals": [
       "Any high-risk AI system without a current FA Evidence Package.",
       "Package not producible within 72 hours during a simulated regulatory inquiry drill."
      ]
     },
     "business_stakeholder": {
      "summary": "Business sponsors must acknowledge the FA Evidence Package for their systems and understand that it represents the organization's accountability record for AI fairness.",
      "actions": [
       "Review the package executive summary and confirm understanding of the fairness evidence assembled.",
       "Acknowledge any residual risks documented in the package and confirm they are within business risk tolerance."
      ],
      "failure_signals": [
       "Business stakeholder has not reviewed or acknowledged the evidence package for their AI system.",
       "Residual risks in the package not reflected in the business risk register."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Integrated FA evidence packages are uncommon; most organizations maintain fairness documentation in fragmented form across data science, legal, and compliance teams with no unified accountability record."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise",
     "multi-tenant"
    ],
    "implementers": [
     "Ethics Team",
     "GRC / Audit",
     "Legal Counsel",
     "Data Science"
    ],
    "frameworks": [
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 11 + Annex IV",
      "fit": "direct",
      "rationale": "EU AI Act Article 11 requires providers of high-risk AI systems to draw up technical documentation demonstrating compliance with all requirements, and Annex IV enumerates the required content. The FA Evidence Package directly satisfies the fairness-related components of the Annex IV technical documentation requirement.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§9.3",
      "fit": "direct",
      "rationale": "ISO/IEC 42001 §9.3 requires management review of the AI management system using documented evidence. The FA Evidence Package provides the structured documented evidence of fairness controls required for this management review.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "GOVERN 4.2",
      "fit": "direct",
      "rationale": "NIST AI RMF GOVERN 4.2 requires organizational teams to document the risks and potential impacts of the AI technology they design, develop, and deploy. The FA Evidence Package is the documentation artifact that demonstrates accountability for fairness decisions across the AI system lifecycle.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.5",
      "fit": "partial",
      "rationale": "OECD AI Principle 1.5 (Accountability) requires that AI actors can demonstrate accountability for their systems, including through documentation and traceability. The FA Evidence Package assembles the documented evidence base required to demonstrate that fairness controls operate as claimed.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — mitigating unintended or harmful outcomes and avoiding unfair bias; human oversight and due diligence",
      "fit": "adjacent",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to avoiding unfair bias through rigorous testing and monitoring, with due diligence and oversight. The FA Evidence Package supports these commitments by providing the accountability record demonstrating that bias controls are systematically applied.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/FA-08",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "For every AI system subject to fairness controls, a complete FA Evidence Package exists in a version-controlled repository, contains signed and dated artifacts from all seven FA controls cross-linked for consistency, has been attested by the ethics officer, and can be produced in full within 72 hours of a regulatory inquiry request.",
    "evidence_required": [
     "fa_evidence_package_index document per AI system with fields: system_id, artifact_list (FA-01 through FA-07 artifact pointers with version, date, author, reviewer, and completeness_status), ethics_officer_attestation_signature, and package_compiled_date",
     "completeness_review_checklist showing cross-consistency verification results (DIA uses metrics from FA-03, bias audit covers characteristics from FA-01, remediation records reference DIA findings)",
     "version_control_history for the evidence package repository showing retention period configuration and access controls",
     "package_retrieval_test_log showing a timed drill in which the complete package was produced within the required response window",
     "ethics_officer_attestation_record with signature, date, and the attestation scope statement"
    ],
    "machine_tests": [
     "Query evidence_package_registry for AI systems where system_risk_tier = 'high-risk' and (package_compiled_date is null or package_compiled_date < deployment_date + 30 days) → assert zero records returned",
     "For each package in registry, verify artifact_list contains pointers to all 7 FA control artifacts and each pointer has non-null version, date, author, and completeness_status → assert no missing fields",
     "Simulate a package retrieval request for a randomly selected high-risk system and measure time to produce all artifacts → assert retrieval completed in under 72 hours",
     "Verify package_index.ethics_officer_attestation_signature is a valid cryptographic signature against the package index content hash → assert signature validates"
    ],
    "human_review": [
     "Inspect a sample of three FA Evidence Packages for cross-consistency: verify that the DIA report (FA-06) uses the same fairness metrics as the Fairness Metric Justification Document (FA-03), and that the bias audit (FA-04) covers all protected characteristics listed in the Protected Characteristic Register (FA-01)",
     "Review evidence package retention period documentation and confirm it meets or exceeds the applicable legal minimum (minimum 3 years or per jurisdiction requirement) and that access controls restrict modification of archived packages",
     "Assess the ethics officer attestation process: verify that attestation is signed after the completeness review is complete, not simultaneously with package compilation, ensuring independent confirmation of package integrity"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Compiling an FA Evidence Package as a collection of folder links without a signed index document, making it impossible to establish what artifacts were current at a specific point in time during a regulatory inquiry",
     "Performing completeness review simultaneously with package compilation by the same person who produced the artifacts, eliminating independent verification of cross-consistency",
     "Storing the evidence package in a mutable location without version control, allowing artifacts to be silently replaced after attestation is signed",
     "Treating the FA Evidence Package as a one-time pre-deployment artifact and not refreshing it after material model changes, bias audits, or DIA updates that alter the evidentiary basis",
     "Including pointers to artifacts that exist in the originating team's private drive rather than in the designated governance repository, making regulatory production within 72 hours operationally impossible"
    ],
    "update_status": "current",
    "layer_code": "FA"
   },
   {
    "id": "XP-01",
    "layer": "XP",
    "plane": "control",
    "name": "Explainability Method Selection and Justification",
    "plain": "Organizations must select explainability methods that are appropriate to the model type, decision stakes, and regulatory context, and must document the justification for each method chosen, including its known limitations and scope of applicability.",
    "threat": {
     "tags": [
      "unexplainable-decision",
      "method-mismatch",
      "post-hoc-rationalization",
      "regulatory-noncompliance"
     ],
     "desc": "Without principled method selection, organizations apply generic or convenient explainability tools that do not faithfully represent the model's decision logic. SHAP applied to a deep recurrent model provides feature attributions that may mislead stakeholders about actual causal drivers. Regulators increasingly require evidence that explanation methods are fit-for-purpose, not merely present."
    },
    "standard": [
     {
      "id": "eu_ai_act",
      "section": "Art. 13",
      "title": "Transparency and provision of information to deployers"
     },
     {
      "id": "nist_rmf",
      "section": "MEASURE 2.9",
      "title": "Model explanation, validation, and documentation"
     },
     {
      "id": "iso_42001",
      "section": "§8.4",
      "title": "AI system impact assessment — explainability requirements"
     },
     {
      "id": "ieee_7000",
      "section": "Clause 11",
      "title": "Transparency management process"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/XP-01 Explainability Method Selection and Justification control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "openai_model_spec_2024",
      "title": "OpenAI Model Specification",
      "authority": "OpenAI, L.L.C.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2024",
      "published_on": "2024-05-08",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://cdn.openai.com/spec/model-spec-2024-05-08.html",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "openai_model_spec_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes OpenAI Model Specification requirements informing the apeiris://ethics/controls/XP-01 Explainability Method Selection and Justification control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/XP-01 Explainability Method Selection and Justification control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "ibm_ai_fairness_360_2021",
      "title": "IBM AI Fairness 360 (AIF360)",
      "authority": "IBM Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2018",
      "published_on": "2018-09-19",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://github.com/Trusted-AI/AIF360",
      "license": "open-source-apache2",
      "status": "current",
      "flagship": false,
      "source_id": "ibm_ai_fairness_360_2021",
      "relationship": "informative_reference",
      "rationale": "Establishes IBM AI Fairness 360 (AIF360) requirements informing the apeiris://ethics/controls/XP-01 Explainability Method Selection and Justification control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Maintain an explainability method registry mapping model types and decision stakes to approved methods. Require documented justification for each method selection, including fidelity limitations, coverage scope, and alternative methods considered.",
     "steps": [
      "Categorize deployed models by type (tree-based, neural, linear, ensemble) and decision stakes (high/medium/low) and map each to a set of approved explainability methods.",
      "Document the justification for each selected method, including its known fidelity limitations, the decision stakes threshold it meets, and any regulatory requirements it satisfies.",
      "Establish a review gate in the model deployment pipeline that requires an approved explainability method selection before a high-stakes model can be promoted to production.",
      "Publish and maintain an explainability method registry accessible to ethics officers, legal counsel, and regulators on request."
     ],
     "ethics_officer": {
      "summary": "Method selection is a governance decision, not a purely technical one. Ensure the registry reflects regulatory requirements and that technical choices are documented in plain language.",
      "actions": [
       "Review and approve the explainability method registry at least annually.",
       "Ensure high-stakes model deployments include ethics officer sign-off on method selection."
      ],
      "failure_signals": [
       "High-stakes models deployed without documented explainability method justification.",
       "Methods selected that are known to be inapplicable to the model architecture in use."
      ]
     },
     "data_scientist": {
      "summary": "You are responsible for selecting and implementing the explainability method. Document your rationale, including why alternatives were rejected and what the known limitations of your chosen method are.",
      "actions": [
       "Select explainability methods from the approved registry for each model deployment.",
       "Document fidelity limitations of the selected method in the model card.",
       "Test explanation stability across representative input perturbations."
      ],
      "failure_signals": [
       "Explanation outputs vary significantly across semantically similar inputs.",
       "Selected method is not in the approved registry without documented exception."
      ]
     },
     "grc_auditor": {
      "summary": "The explainability method registry and deployment gate records are the primary audit artifacts for this control.",
      "actions": [
       "Request the explainability method registry and verify coverage of all production high-stakes models.",
       "Sample 10% of recent high-stakes model deployments and verify documented method justification exists.",
       "Confirm deployment gate records show ethics officer approval for high-stakes models."
      ],
      "metrics": [
       "Percentage of high-stakes models with documented method justification: target 100%.",
       "Percentage of models using methods from the approved registry: target 100%."
      ],
      "failure_signals": [
       "High-stakes models lacking documented method justification.",
       "Models using unapproved methods without documented exception and sign-off."
      ]
     },
     "legal_counsel": {
      "summary": "EU AI Act Art. 13 and GDPR Art. 22 require that explanations be meaningful. Method selection is a legal compliance issue, not just a technical preference.",
      "actions": [
       "Review the explainability method registry for alignment with applicable regulatory requirements.",
       "Flag any methods that would not satisfy GDPR Art. 22 'meaningful information' standard for automated decisions."
      ],
      "failure_signals": [
       "Methods selected that cannot produce human-intelligible explanations as required by GDPR Art. 22.",
       "No legal review of method registry in over 12 months."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Most organizations select explainability methods ad hoc without a registry or documented justification process."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "cloud-native"
    ],
    "implementers": [
     "Data Science",
     "AI Ethics Team",
     "ML Engineering",
     "GRC"
    ],
    "frameworks": [
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 13",
      "fit": "direct",
      "rationale": "EU AI Act Art. 13 requires that high-risk AI systems be designed to allow deployers to interpret the system's output. Method selection directly determines whether interpretation is possible. Selecting an inapplicable method can render compliance impossible regardless of implementation effort.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "MEASURE 2.9",
      "fit": "direct",
      "rationale": "NIST AI RMF MEASURE 2.9 requires that the AI model to be deployed is explained, validated, and documented. Method selection determines what explanations are possible, and the RMF's guidance notes that explanations must be tailored to context and model type — making documented, fit-for-purpose method selection a prerequisite for satisfying this subcategory.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§8.4",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 §8.4 requires AI impact assessments to address explainability. The standard's governance framework requires that explainability controls be selected with documented justification tied to the system's intended use and risk classification.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "Clause 11 (Transparency management)",
      "fit": "direct",
      "rationale": "IEEE 7000-2021 clause 11 defines a transparency management process for deciding what system information must be made transparent to which stakeholders and how. Explainability method selection is the foundational decision that determines whether the transparency this process commits to can actually be delivered.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.3",
      "fit": "partial",
      "rationale": "OECD AI Principles 2024 Principle 1.3 (Transparency and Explainability) calls for AI actors to commit to transparency about AI systems. Selecting appropriate explainability methods is a prerequisite for fulfilling this principle in practice, though the OECD principles do not specify technical methods.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goal T1 (System intelligibility for decision making)",
      "fit": "partial",
      "rationale": "Microsoft Responsible AI Standard v2 Goal T1 (system intelligibility for decision making) specifies that stakeholders must be able to understand and interpret system behavior for the decisions they make. The goal's intelligibility requirements across model types and risk levels provide a practical framework for registry construction.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "openai_model_spec",
      "requirement_id": "Seek the truth together — Be honest and transparent",
      "fit": "partial",
      "rationale": "XP-01 requires selecting explainability methods that faithfully represent model decision logic and documenting their limitations. The Model Spec's 'Be honest and transparent' rules (Seek the truth together) prohibit the model from creating false impressions about its behavior or reasoning; an inapplicable or low-fidelity explanation method produces exactly such false impressions, so principled method selection is a practical implementation of the spec's honesty commitment at the deployment layer.",
      "normative_force": "best-practice",
      "source_version": "2025-12-18",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to appropriate human oversight, due diligence, and feedback mechanisms — all of which presuppose that model behavior can be meaningfully explained. XP-01's fit-for-purpose explainability method selection is the technical foundation without which oversight and feedback about model decisions cannot be substantiated.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "ibm_ai_fairness",
      "requirement_id": "Bias metric selection (metric matched to task and fairness definition)",
      "fit": "adjacent",
      "rationale": "AIF360's documentation emphasizes that metric choice must match the task, the data, and the applicable fairness definition — the same fit-for-purpose selection discipline XP-01 applies to explainability methods. The toolkit is an adjacent reference for structured method-selection rigor rather than a source of explainability requirements.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "owasp_ai_exchange",
      "requirement_id": "explainability",
      "fit": "direct",
      "rationale": "XP-01 requires a documented, justified explainability method for high-stakes AI systems, which is the mechanism AI Exchange EXPLAINABILITY calls for.",
      "normative_force": "industry-framework",
      "source_version": "continuously-updated",
      "reviewed_on": "2026-07-08",
      "basis": "anchored",
      "relation": "equivalent_to"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/XP-01",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "Every high-stakes AI system in production has a documented explainability method selection record in the approved registry, including a written justification that names the method, the model type it covers, known fidelity limitations, regulatory requirements satisfied, and alternative methods considered; and no high-stakes model was promoted to production without ethics officer sign-off on method selection.",
    "evidence_required": [
     "explainability_method_registry document listing each model type and decision-stakes combination mapped to approved methods, with version date and reviewing authority signature",
     "method_selection_justification_record per model deployment with fields: model_id, model_type, decision_stakes_tier, selected_method, fidelity_limitations, regulatory_requirements_satisfied, alternative_methods_considered, and ethics_officer_sign_off_date",
     "deployment_gate_approval_record showing explainability method approval was a required gate in the model deployment pipeline for each high-stakes model",
     "model_card entry for each model showing the selected explainability method and its documented limitations"
    ],
    "machine_tests": [
     "Query model_deployment_log for models where decision_stakes_tier = 'high' and method_selection_justification_record_id is null → assert zero records returned",
     "Query deployment_gate_approval_log for high-stakes model promotions where ethics_officer_sign_off_date is null or sign_off_date > promotion_date → assert zero records returned",
     "For each model in the registry, verify selected_method is listed in the current approved explainability_method_registry for the model's type and stakes tier → assert no mismatches",
     "Retrieve a sample method_selection_justification_record and verify all required fields (model_type, fidelity_limitations, alternative_methods_considered) are populated with non-null, non-empty values → assert all fields present"
    ],
    "human_review": [
     "Review the explainability method registry for each production model type and verify that approved methods are appropriate to the model architecture (e.g., LIME or SHAP for tree-based models, attention visualization only where architecturally meaningful) rather than defaulting to a single method regardless of model type",
     "Assess a sample of five method_selection_justification_records for substantive quality: verify that fidelity_limitations reflect known technical constraints of the method (e.g., SHAP assumes feature independence), not boilerplate disclaimers, and that alternative methods considered were genuinely evaluated",
     "Verify that the deployment gate for high-stakes models requires ethics officer sign-off as a blocking condition and that the sign-off record predates the model promotion timestamp in the deployment log"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Selecting a single explainability method (e.g., SHAP) for all models regardless of architecture, applying it to deep neural or recurrent models where it provides feature attributions that do not reflect actual causal pathways",
     "Documenting the justification after the model has already been deployed to production, converting a governance gate into a retrospective paper exercise",
     "Listing fidelity limitations in boilerplate language that does not reflect the specific method's constraints (e.g., 'results may vary' instead of 'LIME approximations are local and may not generalize to global model behavior')",
     "Approving a method without considering whether it can produce human-intelligible explanations as required by GDPR Art. 22 for automated decisions, selecting technically sophisticated methods that cannot be communicated to affected individuals",
     "Treating the method registry as a static document that is never updated when new model architectures are deployed, resulting in high-stakes models that have no approved method in the registry and are approved via undocumented exception"
    ],
    "update_status": "current",
    "layer_code": "XP"
   },
   {
    "id": "XP-02",
    "layer": "XP",
    "plane": "control",
    "name": "Decision-Level Explanation Requirements",
    "plain": "Organizations must define the type, depth, and format of explanation required for each class of AI-driven decision, with specific requirements mapped to applicable legal obligations including GDPR Art. 22, EU AI Act Art. 13, and the Colorado AI Act.",
    "threat": {
     "tags": [
      "explanation-gap",
      "gdpr-noncompliance",
      "individual-rights-violation",
      "regulatory-exposure"
     ],
     "desc": "Without decision-class-level explanation requirements, organizations apply inconsistent explanation standards across their AI portfolio. High-stakes decisions affecting individual rights may receive no more explanation than low-stakes recommendations, violating GDPR Art. 22 rights to explanation, EU AI Act disclosure obligations, and state-level AI transparency laws. Regulators may impose enforcement action for failure to provide 'meaningful information' as required by law."
    },
    "standard": [
     {
      "id": "eu_ai_act",
      "section": "Art. 13, Art. 86",
      "title": "Transparency and right to explanation for high-risk AI"
     },
     {
      "id": "eu_charter",
      "section": "Art. 8, Art. 47",
      "title": "Protection of personal data and right to effective remedy"
     },
     {
      "id": "nist_rmf",
      "section": "GOVERN 1.1",
      "title": "Legal and regulatory explanation requirements understood and documented"
     },
     {
      "id": "iso_42001",
      "section": "§6.1.2",
      "title": "AI risk assessment requirements"
     }
    ],
    "sources": [
     {
      "id": "openai_model_spec_2024",
      "title": "OpenAI Model Specification",
      "authority": "OpenAI, L.L.C.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2024",
      "published_on": "2024-05-08",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://cdn.openai.com/spec/model-spec-2024-05-08.html",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "openai_model_spec_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes OpenAI Model Specification requirements informing the apeiris://ethics/controls/XP-02 Decision-Level Explanation Requirements control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/XP-02 Decision-Level Explanation Requirements control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/XP-02 Decision-Level Explanation Requirements control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Maintain a decision taxonomy that maps AI-driven decision classes to their applicable legal explanation obligations, minimum explanation depth, required format (written notice, on-screen summary, technical log), and delivery timeline. Integrate this taxonomy into model deployment approvals.",
     "steps": [
      "Enumerate all AI-driven decision classes in production, categorizing by stakes (high/medium/low), affected population (internal/consumer/regulated class), and applicable law (GDPR Art. 22, EU AI Act, Colorado AI Act, ECOA, FCRA).",
      "For each decision class, document the minimum explanation requirement: what must be communicated, in what format, to whom, and within what timeframe.",
      "Integrate the decision taxonomy into the model deployment pipeline as a required artifact, preventing deployment of decision-making models without a mapped explanation requirement.",
      "Review and update the decision taxonomy annually or when new AI use cases are introduced or applicable law changes."
     ],
     "ethics_officer": {
      "summary": "The decision taxonomy is the primary governance instrument for ensuring explanation rights are respected across the AI portfolio. It must reflect current legal obligations and be updated as laws evolve.",
      "actions": [
       "Review and approve the decision taxonomy at least annually.",
       "Escalate new decision classes that may trigger GDPR Art. 22 or equivalent obligations for legal review before deployment."
      ],
      "failure_signals": [
       "New AI decision classes deployed without corresponding taxonomy entry.",
       "Taxonomy not updated following enactment of new AI transparency legislation."
      ]
     },
     "legal_counsel": {
      "summary": "GDPR Art. 22, EU AI Act Art. 13 and 86, and the Colorado AI Act create specific explanation obligations. The decision taxonomy must accurately reflect which obligations apply to which decisions, and the organization must be able to demonstrate compliance on demand.",
      "actions": [
       "Review the decision taxonomy for legal accuracy across all applicable jurisdictions.",
       "Confirm that GDPR Art. 22 'solely automated' decisions are correctly identified and mapped to meaningful explanation requirements.",
       "Monitor emerging state AI transparency legislation (Colorado, Illinois, California) for new explanation obligations."
      ],
      "failure_signals": [
       "Solely automated decisions affecting EU data subjects lacking an Art. 22 explanation pathway.",
       "Taxonomy not reviewed by legal counsel in over 12 months."
      ]
     },
     "data_scientist": {
      "summary": "Your model's decision class determines the explanation format and depth required. Confirm the taxonomy entry for your use case before selecting your explainability method.",
      "actions": [
       "Verify the decision taxonomy entry for your AI use case before beginning explainability implementation.",
       "Implement explanation generation consistent with the taxonomy's format and depth requirements.",
       "Test that generated explanations meet the minimum content requirements defined in the taxonomy entry."
      ],
      "failure_signals": [
       "Model generates explanations that do not meet the format specified in the decision taxonomy.",
       "Explanation content omits required elements (e.g., key contributing factors, decision basis) for the decision class."
      ]
     },
     "grc_auditor": {
      "summary": "The decision taxonomy and deployment gate records are the primary audit artifacts. Verify that all production AI decision systems have a corresponding taxonomy entry and that the entry is current.",
      "actions": [
       "Request the decision taxonomy and compare against the AI system inventory.",
       "Sample regulated decision classes (GDPR Art. 22, EU AI Act high-risk) and verify explanation delivery records exist.",
       "Verify taxonomy was reviewed by legal counsel within the past 12 months."
      ],
      "metrics": [
       "Percentage of AI decision systems with a current taxonomy entry: target 100%.",
       "Percentage of regulated decision classes with explanation delivery records: target 100%."
      ],
      "failure_signals": [
       "AI decision systems without a taxonomy entry.",
       "Regulated decision classes lacking explanation delivery records."
      ]
     },
     "business_stakeholder": {
      "summary": "Understanding which of your AI-driven decisions require explanation is a business risk issue. Failure to provide required explanations can result in regulatory fines, individual complaints, and reputational damage.",
      "actions": [
       "Participate in the decision taxonomy review to confirm all business use cases are accurately classified.",
       "Ensure business processes support delivery of required explanations within the timeframes specified in the taxonomy."
      ],
      "failure_signals": [
       "Business processes do not support timely delivery of required explanations to affected individuals.",
       "New AI use cases introduced without taxonomy classification."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Most enterprises lack a formal decision taxonomy; explanation requirements are addressed reactively per incident."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "multi-tenant"
    ],
    "implementers": [
     "Legal",
     "AI Ethics Team",
     "Product",
     "GRC"
    ],
    "frameworks": [
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 13, Art. 86",
      "fit": "direct",
      "rationale": "EU AI Act Art. 13 mandates transparency requirements for high-risk AI systems, and Art. 86 provides individuals the right to explanation for significant AI-driven decisions. The decision taxonomy directly operationalizes these requirements by mapping each decision class to its applicable obligations.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "eu_charter",
      "requirement_id": "Art. 8, Art. 47",
      "fit": "direct",
      "rationale": "EU Charter Art. 8 protects personal data and Art. 47 guarantees the right to an effective remedy. AI-driven decisions affecting fundamental rights without adequate explanation may violate both provisions. The decision taxonomy ensures explanation requirements are mapped to decisions that engage these rights.",
      "normative_force": "binding-law",
      "source_version": "2012/C 326/02",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "GOVERN 1.1",
      "fit": "partial",
      "rationale": "NIST AI RMF GOVERN 1.1 requires that legal and regulatory requirements involving AI are understood, managed, and documented. A decision taxonomy that maps each AI decision class to its explanation obligations is the instrument that documents and manages those legal explanation requirements across the portfolio.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§6.1.2",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 §6.1.2 requires organizations to identify AI risks, including legal and compliance risks. Mapping decision classes to their explanation obligations is a prerequisite for identifying where non-compliance risk exists across the AI portfolio.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.3",
      "fit": "direct",
      "rationale": "OECD AI Principles 2024 Principle 1.3 calls for transparency about AI systems and their impact on individuals. Decision-level explanation requirements operationalize this principle by ensuring that the level of transparency matches the decision stakes and the affected individual's rights.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "un_ethics_ai",
      "requirement_id": "¶37–¶41 (Transparency and explainability)",
      "fit": "partial",
      "rationale": "UNESCO Recommendation ¶37–41 address transparency and explainability, including that people should have access to meaningful information about AI-assisted decisions that affect them. The decision taxonomy translates that expectation into per-decision-class explanation obligations.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "openai_model_spec",
      "requirement_id": "Seek the truth together — Be honest and transparent",
      "fit": "partial",
      "rationale": "XP-02 defines the type, depth, and format of explanation owed for each class of AI-driven decision. The Model Spec's 'Be honest and transparent' rules commit the model to honest, calibrated communication about the basis of its outputs; mapping decision classes to explanation obligations extends that honesty commitment into an enterprise-wide, legally grounded explanation taxonomy.",
      "normative_force": "best-practice",
      "source_version": "2025-12-18",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goals T1–T3 (Transparency)",
      "fit": "direct",
      "rationale": "XP-02 (Decision-Level Explanation Requirements) establishes a decision taxonomy that maps each AI decision class to its applicable explanation obligations, minimum depth, required format, and delivery timeline — integrating this taxonomy into model deployment approvals. Microsoft Responsible AI Standard v2 Transparency requirements mandate that AI systems provide explanations appropriate to the context, audience, and stakes of AI-driven decisions, with specific requirements for how systems communicate their outputs to affected parties. The XP-02 decision taxonomy directly operationalizes this standard by creating structured, auditable explanation requirements for every decision class across the AI portfolio.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to feedback mechanisms that align AI with user goals and social responsibility, which requires that affected people can understand the basis of AI-driven decisions. XP-02's decision taxonomy maps each decision class to its explanation obligations, making that understanding concrete and legally grounded.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "owasp_ai_exchange",
      "requirement_id": "explainability",
      "fit": "direct",
      "rationale": "XP-02 specifies the required explanation type, depth, and format for each AI-driven decision class, delivering the decision explainability the AI Exchange control demands.",
      "normative_force": "industry-framework",
      "source_version": "continuously-updated",
      "reviewed_on": "2026-07-08",
      "basis": "anchored",
      "relation": "equivalent_to"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/XP-02",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "Each class of AI-driven decision has a documented explanation specification that defines the required explanation type, depth, and format, explicitly maps to applicable legal obligations (GDPR Art. 22, EU AI Act Art. 13, Colorado AI Act, or other jurisdiction-specific requirements), and is implemented in deployed systems such that explanations generated conform to the specification and are verifiably produced before each decision is communicated.",
    "evidence_required": [
     "decision_explanation_specification per decision class with fields: decision_class_id, applicable_legal_obligations, required_explanation_type (feature-attribution, counterfactual, rule-based, natural-language), required_depth (summary, detailed, technical), required_format (structured-json, natural-language, visual), and audience (end-user, regulator, internal-audit)",
     "explanation_generation_log showing that for each AI decision record a corresponding explanation artifact was generated with timestamp, decision_id, explanation_type, and explanation_content_hash",
     "explanation_format_compliance_test_report confirming that generated explanations conform to the specification for each decision class",
     "legal_review_attestation confirming the explanation specification meets applicable legal obligations for each jurisdiction in which the system is deployed"
    ],
    "machine_tests": [
     "For a sample of 100 recent AI decision records, query explanation_generation_log and verify each decision_id has a corresponding explanation artifact with explanation_generated_timestamp <= decision_communicated_timestamp → assert 100% match rate",
     "Submit a test decision to each production AI system and verify the returned explanation conforms to the specification (type, depth, format fields present and matching expected values) → assert all fields valid",
     "Query decision_records where decision_class requires GDPR Art. 22 explanation and explanation_type does not match required_explanation_type in specification → assert zero non-conforming records",
     "Trigger an automated decision under each decision class in staging and verify that explanation output contains required fields (reason_codes or feature attributions, confidence indicators, decision_basis) per specification → assert all required fields populated"
    ],
    "human_review": [
     "Review explanation specifications for high-stakes decision classes (credit, employment, housing, insurance) and assess whether the required explanation depth and format are sufficient for an affected individual to understand and contest the decision, not merely technically compliant with a minimum standard",
     "Assess the explanation specification for each decision class against applicable legal obligations with legal counsel: verify GDPR Art. 22 meaningful information standard, EU AI Act Art. 13 transparency requirements, and any applicable national law (Colorado AI Act, NY Local Law 144) are explicitly addressed",
     "Review the explanation format for each decision class for audience appropriateness: verify that end-user-facing explanations are in plain language, regulator-facing explanations include technical detail, and internal audit explanations include traceable model references"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Defining a single generic explanation format for all decision classes regardless of legal obligations or audience, producing technically-present but legally non-compliant explanations for high-stakes automated decisions",
     "Generating explanations after the decision has been communicated to the affected individual, violating the GDPR Art. 22 requirement that meaningful information be provided at the time of the automated decision",
     "Using explanation types that satisfy the technical format requirement but are unintelligible to the affected individual (e.g., raw SHAP values presented as a JSON array) without translation to human-readable reason statements",
     "Failing to map explanation requirements to applicable national law where EU directives have been transposed with additional specificity, resulting in explanations that satisfy EU-level requirements but not national implementing regulations",
     "Treating explanation depth as a fixed specification parameter rather than adjusting required depth based on the stakes of the decision class, providing the same shallow summary for a loan denial as for a low-risk marketing preference"
    ],
    "update_status": "current",
    "layer_code": "XP"
   },
   {
    "id": "XP-03",
    "layer": "XP",
    "plane": "control",
    "name": "Explanation Fidelity and Accuracy Verification",
    "plain": "Organizations must verify that the explanations generated for AI decisions accurately represent the model's actual decision logic, not post-hoc rationalizations, and must maintain fidelity benchmarks and periodic revalidation schedules for all explanation systems.",
    "threat": {
     "tags": [
      "fidelity-gap",
      "misleading-explanation",
      "post-hoc-rationalization",
      "model-drift"
     ],
     "desc": "Post-hoc explanation methods such as LIME and SHAP can produce plausible-sounding but inaccurate attributions, particularly for high-complexity models. If the explanation system drifts from the model it purports to explain, stakeholders and regulators may be misled about the actual basis for decisions. This creates legal liability where explanation fidelity is a regulatory requirement and undermines the informed consent of affected individuals."
    },
    "standard": [
     {
      "id": "nist_rmf",
      "section": "MEASURE 2.9",
      "title": "Explainability and interpretability validation"
     },
     {
      "id": "ieee_7000",
      "section": "Clause 11",
      "title": "Transparency management — verifiable transparency properties"
     },
     {
      "id": "iso_42001",
      "section": "§9.1",
      "title": "AI performance monitoring and evaluation"
     },
     {
      "id": "acm_ethics",
      "section": "§2.5",
      "title": "Give comprehensive and thorough evaluations of AI systems"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/XP-03 Explanation Fidelity and Accuracy Verification control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "openai_model_spec_2024",
      "title": "OpenAI Model Specification",
      "authority": "OpenAI, L.L.C.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2024",
      "published_on": "2024-05-08",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://cdn.openai.com/spec/model-spec-2024-05-08.html",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "openai_model_spec_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes OpenAI Model Specification requirements informing the apeiris://ethics/controls/XP-03 Explanation Fidelity and Accuracy Verification control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/XP-03 Explanation Fidelity and Accuracy Verification control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Establish fidelity verification protocols that test explanation accuracy against ground truth using perturbation analysis, faithfulness metrics (e.g., AOPC, comprehensiveness), and stability testing. Revalidate explanation systems following model updates and on a scheduled periodic basis.",
     "steps": [
      "Define fidelity metrics for each explanation method in use, including perturbation faithfulness (AOPC/comprehensiveness for feature attribution), explanation stability (Lipschitz continuity proxy), and, where applicable, model simulation accuracy.",
      "Implement automated fidelity testing in the model evaluation pipeline that runs fidelity benchmarks before every model update reaches production.",
      "Establish a periodic revalidation schedule (at minimum annual, or after any model update) that reruns fidelity benchmarks and flags degradation below acceptable thresholds.",
      "Maintain fidelity verification records as part of the model's evidence package, including benchmark results, thresholds, and any remediation actions taken."
     ],
     "data_scientist": {
      "summary": "Explanation fidelity is your technical responsibility. Choose metrics appropriate to your method, establish baselines at initial deployment, and rerun them after any model change.",
      "actions": [
       "Implement AOPC, comprehensiveness, or equivalent faithfulness metrics for each feature attribution explanation method.",
       "Test explanation stability across semantically equivalent inputs and document acceptable stability thresholds.",
       "Rerun fidelity benchmarks after every model weight update, hyperparameter change, or training data refresh."
      ],
      "failure_signals": [
       "Fidelity metrics below established thresholds without documented remediation.",
       "Explanation system not revalidated following a model update."
      ]
     },
     "ethics_officer": {
      "summary": "Fidelity verification ensures that explanations provided to affected individuals, regulators, and internal reviewers are truthful. An unfaithful explanation is worse than no explanation — it misleads.",
      "actions": [
       "Review fidelity benchmark results as part of the ethics review for high-stakes model deployments.",
       "Escalate cases where fidelity metrics indicate explanation methods are materially inaccurate for the model type."
      ],
      "failure_signals": [
       "High-stakes models using explanation methods with documented low fidelity for the model architecture.",
       "No fidelity benchmarks exist for deployed explanation systems."
      ]
     },
     "grc_auditor": {
      "summary": "Fidelity verification records and benchmark results are the primary audit artifacts for this control. Verify that benchmarks exist, thresholds are defined, and revalidation has occurred on schedule.",
      "actions": [
       "Request fidelity benchmark records for all production explanation systems.",
       "Verify that thresholds are defined and that current metrics meet those thresholds.",
       "Confirm revalidation occurred following the last model update for sampled high-stakes models."
      ],
      "metrics": [
       "Percentage of explanation systems with defined and current fidelity benchmarks: target 100%.",
       "Percentage of models with revalidated fidelity following the most recent update: target 100%."
      ],
      "failure_signals": [
       "Explanation systems without defined fidelity benchmarks.",
       "Fidelity metrics below threshold with no documented remediation plan."
      ]
     },
     "legal_counsel": {
      "summary": "Unfaithful explanations create legal liability. If a regulator or court finds that the explanation provided to an individual did not accurately represent the decision basis, the organization faces exposure under GDPR Art. 22, EU AI Act, and applicable consumer protection laws.",
      "actions": [
       "Review fidelity verification methodology for high-stakes explanation systems to confirm it would withstand regulatory scrutiny.",
       "Confirm that explanation fidelity verification records are retained for the period required by applicable law."
      ],
      "failure_signals": [
       "No documented fidelity verification for explanation systems used in legally significant decisions.",
       "Explanation system methodology not reviewed for regulatory defensibility."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "managed",
     "notes": "Fidelity verification is nascent in enterprise practice; most organizations do not measure whether their explanations are accurate."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "cloud-native",
     "high-risk-sector",
     "eu-high-risk-ai"
    ],
    "implementers": [
     "Data Science",
     "ML Engineering",
     "AI Ethics Team",
     "GRC"
    ],
    "frameworks": [
     {
      "framework": "nist_rmf",
      "requirement_id": "MEASURE 2.9",
      "fit": "direct",
      "rationale": "NIST AI RMF MEASURE 2.9 requires that the AI model is explained, validated, and documented — including that explanations accurately characterize actual system behavior. Fidelity verification directly implements this measurement requirement by benchmarking whether explanations represent real model decision logic.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "Clause 11 (Transparency management)",
      "fit": "direct",
      "rationale": "IEEE 7000-2021 clause 11's transparency management process commits the organization to defined transparency for stakeholders, which is only meaningful if the explanations provided are accurate. Fidelity benchmarks supply the verifiable evidence that transparency commitments are honored over the system lifecycle.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§9.1",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 §9.1 requires ongoing monitoring and evaluation of AI system performance, including the performance of transparency and explainability mechanisms. Fidelity revalidation schedules directly satisfy this monitoring requirement.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "acm_ethics",
      "requirement_id": "§2.5",
      "fit": "partial",
      "rationale": "ACM Code of Ethics §2.5 requires comprehensive and thorough evaluations of AI systems. This obligation extends to the explanation systems that characterize AI behavior — claiming an explanation is accurate without verifying it is a failure of professional responsibility.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-06-29",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goal T1 (System intelligibility for decision making)",
      "fit": "partial",
      "rationale": "Microsoft Responsible AI Standard v2 Goal T1 (system intelligibility for decision making) requires that intelligibility mechanisms genuinely support stakeholder understanding of system behavior, which entails validating that they accurately represent that behavior. Microsoft's published transparency guidance provides an industry reference point for implementing this control.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 9(8)",
      "fit": "adjacent",
      "rationale": "EU AI Act Art. 9(8) requires that testing of high-risk AI systems be performed against prior defined metrics and probabilistic thresholds appropriate to the intended purpose. By analogy, explanation systems accompanying high-risk AI decisions must be validated against defined fidelity metrics, supporting the broader transparency obligations under Art. 13.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "openai_model_spec",
      "requirement_id": "Seek the truth together — Be honest and transparent",
      "fit": "partial",
      "rationale": "XP-03 verifies that explanation systems accurately represent model decision logic rather than producing post-hoc rationalizations. The Model Spec's honesty rules (Seek the truth together — Be honest and transparent) prohibit deceptive misrepresentation of the model's reasoning or behavior; unfaithful explanations are precisely such a misrepresentation, making fidelity verification an enforcement mechanism for the spec's honesty principle.",
      "normative_force": "best-practice",
      "source_version": "2025-12-18",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to rigorous testing and monitoring together with human oversight. XP-03's fidelity benchmarks and revalidation schedules apply that testing discipline to the explanation layer itself, ensuring explanations provided to stakeholders accurately represent model behavior throughout the lifecycle.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "owasp_ai_exchange",
      "requirement_id": "explainability",
      "fit": "supporting",
      "rationale": "XP-03 verifies that explanations faithfully represent the model's actual decision logic, strengthening the truthfulness of the explainability AI Exchange requires.",
      "normative_force": "industry-framework",
      "source_version": "continuously-updated",
      "reviewed_on": "2026-07-08",
      "basis": "anchored",
      "relation": "equivalent_to"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/XP-03",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "Every explanation system in production has documented fidelity benchmarks showing that explanations accurately represent the model's actual decision logic (not post-hoc rationalizations), fidelity is measured and recorded at deployment and at each periodic revalidation, and any explanation system whose fidelity falls below the defined threshold is taken offline or flagged as non-compliant pending remediation.",
    "evidence_required": [
     "fidelity_benchmark_report per explanation system with fields: model_id, explanation_method, fidelity_metric (e.g., faithfulness score, perturbation consistency score, counterfactual validity rate), measured_value, threshold_value, benchmark_date, and revalidation_due_date",
     "perturbation_consistency_test_results showing that explanations for semantically similar inputs are stable within the defined tolerance (not randomly varying across small input changes)",
     "fidelity_revalidation_schedule listing each explanation system with last_revalidation_date and next_scheduled_revalidation_date",
     "explanation_fidelity_alert_log recording any instance where measured fidelity fell below threshold, the response action taken, and the date the system was returned to compliant status"
    ],
    "machine_tests": [
     "Apply targeted perturbations to 50 representative inputs (small semantically-irrelevant changes) and measure explanation variance across perturbations per explanation method → assert explanation stability score exceeds defined threshold (e.g., 0.85 Jaccard similarity for top-5 feature attributions)",
     "Compare explanation output for 20 pairs of near-identical inputs that differ only on a protected characteristic (held constant in the model) → assert explanations do not cite the protected characteristic as a contributing factor",
     "Generate a counterfactual explanation for a denied decision and verify the counterfactual satisfies validity: the suggested change actually produces a positive outcome when re-scored by the model → assert counterfactual validity rate exceeds 90%",
     "Query fidelity_benchmark_report for explanation systems where revalidation_due_date < today and last_revalidation_status != 'completed' → assert zero overdue revalidations"
    ],
    "human_review": [
     "Review the fidelity benchmark methodology for each explanation system and assess whether the chosen fidelity metric (faithfulness score, deletion/insertion benchmark, ROAR test) is appropriate for the explanation method in use and whether the threshold value was set based on empirical analysis rather than convenience",
     "Examine a sample of five explanation outputs alongside the corresponding model decision traces and assess whether the cited feature attributions or reason codes are plausible given the model's known behavior, or whether they appear to be post-hoc rationalizations that do not match the decision pathway",
     "Review the periodic revalidation schedule and confirm it is triggered not only by calendar cadence but also by material model changes (retraining, feature updates, threshold changes) that could alter the fidelity relationship between model and explanation system"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Deploying an explanation system without establishing a fidelity benchmark at deployment time, making it impossible to detect fidelity degradation over time as the underlying model evolves",
     "Setting fidelity thresholds at values that all current explanation systems already exceed without empirical justification, creating thresholds that serve as documentation without actually constraining explanation quality",
     "Applying SHAP or LIME explanations to a deep neural model and presenting the feature attributions as reflecting the model's actual causal decision pathway, when these post-hoc approximation methods may produce locally faithful but globally misleading attributions",
     "Running fidelity benchmarks only at initial deployment and never revalidating after model retraining or feature changes, missing fidelity degradation caused by model drift that invalidates the original explanation system",
     "Using explanation stability as the sole fidelity measure without testing faithfulness (whether the explanation actually reflects what the model used) — a consistently wrong explanation is stable but still unfaithful"
    ],
    "update_status": "current",
    "layer_code": "XP"
   },
   {
    "id": "XP-04",
    "layer": "XP",
    "plane": "control",
    "name": "Adverse Action Notice and Explanation (ECOA/Reg B, FCRA)",
    "plain": "AI systems that drive credit, employment, housing, or insurance decisions must generate legally compliant adverse action notices that identify the principal reason codes for denial or adverse treatment, satisfy ECOA/Regulation B and FCRA requirements, and are traceable to the model's actual decision factors.",
    "threat": {
     "tags": [
      "adverse-action-noncompliance",
      "discriminatory-decision",
      "individual-rights-violation",
      "regulatory-penalty"
     ],
     "desc": "AI-driven adverse decisions in regulated sectors generate ECOA, Regulation B, and FCRA compliance obligations that differ materially from standard AI transparency requirements. Failure to provide accurate reason codes — or providing reason codes that do not reflect the model's actual decision logic — exposes organizations to CFPB enforcement, individual litigation, and class action risk. AI models often surface proxies for protected characteristics that produce facially neutral but substantively discriminatory reason codes."
    },
    "standard": [
     {
      "id": "eu_ai_act",
      "section": "Art. 86",
      "title": "Right to explanation for AI-driven decisions"
     },
     {
      "id": "nist_rmf",
      "section": "GOVERN 1.1",
      "title": "Legal and regulatory requirements for AI managed and documented"
     },
     {
      "id": "iso_42001",
      "section": "§8.4",
      "title": "AI impact assessment — regulated sector requirements"
     },
     {
      "id": "ieee_7000",
      "section": "Clause 7",
      "title": "Context exploration — stakeholders in high-stakes automated decisions"
     }
    ],
    "sources": [
     {
      "id": "ibm_ai_fairness_360_2021",
      "title": "IBM AI Fairness 360 (AIF360)",
      "authority": "IBM Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2018",
      "published_on": "2018-09-19",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://github.com/Trusted-AI/AIF360",
      "license": "open-source-apache2",
      "status": "current",
      "flagship": false,
      "source_id": "ibm_ai_fairness_360_2021",
      "relationship": "informative_reference",
      "rationale": "Establishes IBM AI Fairness 360 (AIF360) requirements informing the apeiris://ethics/controls/XP-04 Adverse Action Notice and Explanation (ECOA/Reg B, FCRA) control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/XP-04 Adverse Action Notice and Explanation (ECOA/Reg B, FCRA) control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/XP-04 Adverse Action Notice and Explanation (ECOA/Reg B, FCRA) control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "openai_model_spec_2024",
      "title": "OpenAI Model Specification",
      "authority": "OpenAI, L.L.C.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2024",
      "published_on": "2024-05-08",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://cdn.openai.com/spec/model-spec-2024-05-08.html",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "openai_model_spec_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes OpenAI Model Specification requirements informing the apeiris://ethics/controls/XP-04 Adverse Action Notice and Explanation (ECOA/Reg B, FCRA) control.",
      "reviewed_on": "2026-07-01"
     }
    ],
    "implementation": {
     "pattern": "Implement an adverse action reason code generation pipeline that extracts principal reason codes directly from model feature attributions, maps them to ECOA/FCRA-compliant plain-language descriptions, and generates compliant notices with required delivery timelines. Maintain audit logs of reason code generation tracing to model decisions.",
     "steps": [
      "Map model feature attributions to a curated library of ECOA/FCRA-compliant reason codes, with each reason code tied to a specific feature or feature group and reviewed by legal counsel for accuracy and non-discriminatory framing.",
      "Implement automated reason code generation that selects the top adverse factors from model attributions and formats them into compliant notices meeting Regulation B timing requirements (30-day notice for credit decisions).",
      "Test reason code generation against a representative sample of adverse decisions to verify that selected codes accurately describe the model's actual decision factors and do not reflect protected characteristic proxies.",
      "Maintain audit logs that link each adverse action notice to the model version, feature attribution output, and reason codes selected, retaining records for the period required by applicable law."
     ],
     "legal_counsel": {
      "summary": "ECOA, Regulation B, and FCRA create specific adverse action notice requirements that AI-driven decisions must satisfy. The reason codes must be accurate, specific, and derived from the model's actual decision logic — not generic boilerplate.",
      "actions": [
       "Review the reason code library for ECOA and FCRA compliance, including accuracy of plain-language descriptions and absence of protected characteristic proxies.",
       "Confirm Regulation B timing requirements are met by the automated notice generation process.",
       "Review adverse action notice templates for compliance with CFPB guidance on AI-driven adverse action."
      ],
      "failure_signals": [
       "Reason codes that are generic or do not reflect the model's actual decision factors.",
       "Adverse action notices delivered outside Regulation B required timelines.",
       "Reason codes that correlate with or proxy protected characteristics."
      ]
     },
     "data_scientist": {
      "summary": "The accuracy of adverse action reason codes depends on the faithfulness of your feature attribution method and the quality of the reason code mapping. Test the end-to-end pipeline against real adverse decision cases.",
      "actions": [
       "Verify that feature attribution outputs for adverse cases identify the actual top factors driving the denial.",
       "Test the reason code mapping to confirm selected codes accurately describe the corresponding model features.",
       "Check that reason codes do not reflect features that are proxies for race, gender, or other protected characteristics."
      ],
      "failure_signals": [
       "Feature attribution outputs for adverse cases show low fidelity or instability.",
       "Reason code mapping produces codes that do not correspond to the features actually driving the adverse decision."
      ]
     },
     "ethics_officer": {
      "summary": "Adverse action notices are a critical individual rights interface. The accuracy of reason codes determines whether affected individuals can meaningfully exercise their rights to contest decisions. Proxy discrimination through reason codes is an ethics failure, not just a legal one.",
      "actions": [
       "Review adverse action reason code library for potential proxy discrimination issues.",
       "Ensure ethics review of AI credit, employment, and housing models includes verification of reason code accuracy."
      ],
      "failure_signals": [
       "Reason codes that proxy protected characteristics without detection.",
       "No ethics review of adverse action reason code pipelines for high-stakes decision models."
      ]
     },
     "grc_auditor": {
      "summary": "Adverse action compliance is an audit priority for financial services and employment AI. Verify that the reason code pipeline is implemented, tested, and producing compliant notices for all applicable decisions.",
      "actions": [
       "Sample adverse action notices from the past quarter and verify reason codes are present, accurate, and non-generic.",
       "Verify audit logs linking notices to model attribution outputs exist and are retained per legal requirements.",
       "Confirm Regulation B timing compliance through notice delivery timestamp records."
      ],
      "metrics": [
       "Percentage of adverse action decisions with compliant notices containing accurate reason codes: target 100%.",
       "Percentage of notices delivered within Regulation B required timelines: target 100%."
      ],
      "failure_signals": [
       "Adverse decisions without compliant notices.",
       "Reason code audit logs missing or not linked to model attribution outputs."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Many organizations use legacy reason code systems not designed for AI models; AI-specific adverse action compliance is an emerging regulatory focus."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise"
    ],
    "implementers": [
     "Legal Counsel",
     "Compliance",
     "Data Science",
     "Product"
    ],
    "frameworks": [
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 86",
      "fit": "direct",
      "rationale": "EU AI Act Art. 86 provides individuals the right to obtain an explanation for AI system outputs that significantly affect them, including adverse decisions. This control implements that right for credit, employment, and housing contexts, complementing US regulatory requirements with EU-specific explanation obligations.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "GOVERN 1.1",
      "fit": "direct",
      "rationale": "NIST AI RMF GOVERN 1.1 requires that legal and regulatory requirements involving AI are understood, managed, and documented. Adverse action notice obligations in credit, employment, and housing are among the most consequential such requirements, and this control implements the management practices that keep them satisfied.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§8.4",
      "fit": "partial",
      "rationale": "ISO/IEC 42001:2023 §8.4 requires AI impact assessments to address legally significant AI applications. Adverse action decisions in regulated sectors are among the highest-stakes legally significant AI applications, and the impact assessment must include adverse action compliance as a specific risk area.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "Clause 7 (Concept of operations and context exploration)",
      "fit": "partial",
      "rationale": "IEEE 7000-2021 clause 7 (concept of operations and context exploration) requires understanding the system's operational context and the stakeholders affected by it — including those subject to high-stakes automated decisions. Adverse action notice requirements are the legal instantiation of those stakeholder interests, and this control implements the engineering practices that support them.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.3",
      "fit": "adjacent",
      "rationale": "OECD AI Principles 2024 Principle 1.3 on transparency and explainability extends to regulatory contexts where transparency is legally mandated. Adverse action notices are a legally mandated transparency requirement, and the OECD principles support the policy rationale for these requirements.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "ibm_ai_fairness",
      "requirement_id": "Disparate impact metric",
      "fit": "partial",
      "rationale": "AIF360's disparate impact metric quantifies outcome-rate disparities between protected groups, which is the appropriate check when verifying that adverse action reason codes do not proxy protected characteristics. XP-04's reason-code pipeline testing can use the toolkit's metrics to measure whether selected codes correlate with protected-group membership.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goals F1–F2 (Quality of service; Allocation of resources and opportunities)",
      "fit": "partial",
      "rationale": "XP-04 (Adverse Action Notice and Explanation) requires that adverse action reason code pipelines be tested to verify that selected codes do not reflect features that proxy protected characteristics — race, gender, national origin — and that AI-driven adverse decisions in regulated sectors generate legally compliant notices traceable to actual model factors. Microsoft Responsible AI Standard v2 Fairness goals address preventing discriminatory outcomes in AI systems affecting individuals, including requirements for disparate impact testing and protected class analysis in decision systems. XP-04's requirement to verify reason codes against protected characteristic proxies is a direct implementation of Microsoft RAI's fairness goals for high-stakes regulated decision domains.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — mitigating unintended or harmful outcomes and avoiding unfair bias",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to mitigating harmful outcomes and avoiding unfair bias. Verifying that adverse action reason codes do not proxy protected characteristics in credit, employment, and housing contexts is a direct implementation of that commitment in the domains where AI-driven discrimination causes the most serious harm.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "openai_model_spec",
      "requirement_id": "Stay in bounds — Try to prevent imminent real-world harm",
      "fit": "adjacent",
      "rationale": "XP-04 governs adverse action notices in credit, employment, housing, and insurance, where inaccurate or proxy-tainted reason codes cause concrete harm through wrongful denial of essential services. The Model Spec's Stay in bounds rules commit OpenAI's models to preventing real-world harm; accurate, legally compliant adverse action explanation is the deployment-layer harm-avoidance discipline for these regulated decision domains.",
      "normative_force": "best-practice",
      "source_version": "2025-12-18",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/XP-04",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "Every adverse credit, employment, housing, or insurance decision driven by an AI system generates a legally compliant adverse action notice before the decision is communicated to the affected individual; the notice identifies principal reason codes traceable to the model's actual decision factors; and the organization can demonstrate compliance with ECOA/Regulation B, FCRA, and applicable state equivalents for 100% of AI-driven adverse decisions.",
    "evidence_required": [
     "adverse_action_notice_record per decision with fields: decision_id, model_id, decision_type (credit/employment/housing/insurance), reason_codes (minimum 4 per ECOA/Reg B), reason_code_traceability_evidence linking each code to a model feature or decision factor, notice_generated_timestamp, notice_delivered_timestamp, and regulatory_framework_satisfied (ECOA/FCRA/state)",
     "reason_code_to_model_feature_mapping document showing how each reason code maps to a specific model feature or feature group, reviewed and approved by legal counsel",
     "adverse_action_notice_completeness_audit_report confirming that 100% of adverse decisions in the audit period have corresponding notice records with all required fields",
     "legal_counsel_review_record confirming the notice template and reason code set satisfy ECOA Regulation B Section 202.9 and FCRA Section 615(a) requirements for the applicable decision type"
    ],
    "machine_tests": [
     "Query adverse_decision_log for the last 90 days and cross-reference with adverse_action_notice_record: assert every adverse_decision_id has a corresponding notice_record with notice_generated_timestamp <= decision_communicated_timestamp",
     "For each adverse action notice record, verify reason_codes array contains the required minimum count per regulatory framework (ECOA/Reg B: minimum 4 principal reasons for credit denial) → assert zero records with insufficient reason_codes",
     "Inject a synthetic adverse decision into the AI pipeline and verify the system generates a notice with all required fields populated before the decision payload is dispatched → assert notice fields: decision_id, reason_codes (>=4), notice_generated_timestamp all present",
     "Query adverse_action_notice_record for records where reason_code_traceability_evidence is null or empty → assert zero records (every reason code must be traceable to a model factor)"
    ],
    "human_review": [
     "Review the reason_code_to_model_feature_mapping with legal counsel and verify that each reason code is legally appropriate for the decision type, accurately reflects a model factor that materially influenced the adverse outcome, and is expressed in language an affected individual can understand and act upon",
     "Assess a sample of ten adverse action notices for regulatory completeness: verify required disclosures (right to obtain free credit report if FCRA applicable, right to request specific reasons within 60 days per Reg B) are included and correctly stated for the applicable regulatory framework",
     "Verify that the reason code generation mechanism is driven by the model's actual decision factors (e.g., highest-negative SHAP contributors) rather than a static code set assigned post-hoc, and that the mapping is re-validated when the model is retrained or feature weights change materially"
    ],
    "blocking_effect": "blocks-runtime-action",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Using a static set of generic reason codes (e.g., 'insufficient credit history', 'high debt ratio') assigned by a rules engine rather than derived from the model's actual decision factors, producing notices that are legally formatted but not traceable to the AI system's reasoning",
     "Generating the adverse action notice as a post-processing step after the decision has already been communicated to the affected party, violating ECOA timing requirements",
     "Providing fewer than the regulatory minimum number of principal reasons (ECOA/Reg B requires at least four for credit denials) and filing missing reason slots with placeholder text",
     "Using reason codes developed for a traditional scorecard model without updating them when transitioning to an ML model, producing codes that reference features the new model does not use or does not use in the same way",
     "Omitting required regulatory disclosures (FCRA right to free credit report, Reg B right to request specific reasons) from the notice template and relying on separate workflow steps that may not execute reliably for every adverse decision"
    ],
    "update_status": "current",
    "layer_code": "XP"
   },
   {
    "id": "XP-05",
    "layer": "XP",
    "plane": "lifecycle",
    "name": "Model Card and System Card Transparency Disclosure",
    "plain": "Organizations must publish model cards and system transparency disclosures for all AI systems deployed in high-stakes or public-facing contexts, accurately representing system capabilities, limitations, intended use, known failure modes, and fairness evaluation results.",
    "threat": {
     "tags": [
      "capability-misrepresentation",
      "transparency-gap",
      "undisclosed-limitation",
      "stakeholder-deception"
     ],
     "desc": "Without standardized transparency disclosures, deployers, affected individuals, and regulators cannot make informed assessments of AI system risk. Organizations that overstate capabilities or omit known failure modes in model cards create liability under consumer protection and AI transparency laws, and undermine the informed consent of deployers and affected populations. Undisclosed limitations that result in harm are increasingly treated as misrepresentation in regulatory investigations."
    },
    "standard": [
     {
      "id": "nist_rmf",
      "section": "MAP 5.1",
      "title": "Likelihood and impact of undesirable AI outcomes identified and documented"
     },
     {
      "id": "eu_ai_act",
      "section": "Art. 11, Art. 13",
      "title": "Technical documentation and transparency for high-risk AI"
     },
     {
      "id": "iso_42001",
      "section": "§7.5",
      "title": "Documented information and AI system transparency"
     },
     {
      "id": "oecd_ai_principles",
      "section": "Principle 1.3",
      "title": "Transparency and explainability of AI systems"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/XP-05 Model Card and System Card Transparency Disclosure control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/XP-05 Model Card and System Card Transparency Disclosure control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "openai_model_spec_2024",
      "title": "OpenAI Model Specification",
      "authority": "OpenAI, L.L.C.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2024",
      "published_on": "2024-05-08",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://cdn.openai.com/spec/model-spec-2024-05-08.html",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "openai_model_spec_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes OpenAI Model Specification requirements informing the apeiris://ethics/controls/XP-05 Model Card and System Card Transparency Disclosure control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "anthropic_rsp_2024",
      "title": "Anthropic Responsible Scaling Policy v3.3",
      "authority": "Anthropic, PBC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "3.3",
      "published_on": "2026-05-26",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.anthropic.com/responsible-scaling-policy",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "anthropic_rsp",
      "relationship": "informative_reference",
      "rationale": "Establishes Anthropic Responsible Scaling Policy v3.3 requirements informing the apeiris://ethics/controls/XP-05 Model Card and System Card Transparency Disclosure control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "meta_llama_responsible_use_2024",
      "title": "Meta Llama Responsible Use Guide",
      "authority": "Meta Platforms, Inc.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2023",
      "published_on": "2023-07-18",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.llama.com/responsible-use-guide/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "meta_llama_responsible_use_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes Meta Llama Responsible Use Guide requirements informing the apeiris://ethics/controls/XP-05 Model Card and System Card Transparency Disclosure control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "ibm_ai_fairness_360_2021",
      "title": "IBM AI Fairness 360 (AIF360)",
      "authority": "IBM Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2018",
      "published_on": "2018-09-19",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://github.com/Trusted-AI/AIF360",
      "license": "open-source-apache2",
      "status": "current",
      "flagship": false,
      "source_id": "ibm_ai_fairness_360_2021",
      "relationship": "informative_reference",
      "rationale": "Establishes IBM AI Fairness 360 (AIF360) requirements informing the apeiris://ethics/controls/XP-05 Model Card and System Card Transparency Disclosure control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Adopt a standardized model card template that requires accurate disclosure of intended use, out-of-scope use, model architecture, training data characteristics, performance metrics by subgroup, known limitations, and fairness evaluation results. Implement a publication gate that requires model card completion and ethics officer review before high-stakes deployment.",
     "steps": [
      "Adopt a model card template based on Google's model cards framework or the Hugging Face model card standard, extended with EU AI Act technical documentation requirements (Art. 11 Annex IV) for high-risk AI systems.",
      "Implement a model card publication gate in the deployment pipeline that blocks high-stakes model promotion to production until an approved model card is published in the organization's model registry.",
      "Require periodic model card updates following significant model changes, new fairness evaluations, or discovery of new failure modes, with update records maintained in the model registry.",
      "Publish model cards to a user-accessible registry or documentation portal for public-facing AI systems, and provide them to regulators and affected parties on request for internal high-stakes systems."
     ],
     "data_scientist": {
      "summary": "The model card is your primary transparency artifact. Populate it accurately and completely, including honest disclosure of limitations and failure modes. An incomplete or inaccurate model card creates organizational liability.",
      "actions": [
       "Complete all required model card sections before submitting the model for deployment review.",
       "Ensure fairness evaluation results by demographic subgroup are included where demographic data is available.",
       "Update the model card following any significant model change or newly discovered failure mode."
      ],
      "failure_signals": [
       "Model card missing required sections (e.g., limitations, known failure modes, subgroup performance).",
       "Model card not updated following a model version change."
      ]
     },
     "ethics_officer": {
      "summary": "Model cards are the primary transparency instrument for external stakeholders. Review them for accuracy and completeness, with particular attention to limitation disclosures and fairness metrics.",
      "actions": [
       "Review and approve model cards for high-stakes AI systems before deployment.",
       "Verify that limitation disclosures are accurate and not understated.",
       "Confirm that subgroup performance metrics reflect actual evaluation, not aspirational claims."
      ],
      "failure_signals": [
       "Model cards with vague or incomplete limitation disclosures.",
       "Subgroup performance metrics absent from cards for models making decisions affecting protected classes."
      ]
     },
     "grc_auditor": {
      "summary": "Model card completeness and accuracy are audit artifacts for EU AI Act technical documentation compliance, consumer protection compliance, and organizational transparency commitments.",
      "actions": [
       "Request model cards for all high-stakes production AI systems and verify required sections are complete.",
       "Cross-reference model card performance claims against actual evaluation records.",
       "Verify publication gate records confirm ethics officer approval before production deployment."
      ],
      "metrics": [
       "Percentage of high-stakes AI systems with published and current model cards: target 100%.",
       "Percentage of model cards reviewed and approved by ethics officer: target 100%."
      ],
      "failure_signals": [
       "High-stakes AI systems without current model cards.",
       "Model card performance claims not supported by documented evaluation records."
      ]
     },
     "legal_counsel": {
      "summary": "Model cards are increasingly referenced in regulatory investigations as evidence of transparency good faith. Inaccurate or incomplete model cards can constitute misrepresentation. EU AI Act Art. 11 technical documentation requirements make model card completeness a legal obligation for high-risk AI.",
      "actions": [
       "Review model card templates for alignment with EU AI Act Annex IV technical documentation requirements for high-risk AI systems.",
       "Advise on limitation disclosure language to ensure accuracy without creating unnecessary liability."
      ],
      "failure_signals": [
       "Model card templates not reviewed against EU AI Act Annex IV requirements.",
       "Material model limitations omitted from published model cards."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Model cards are increasingly common in ML teams but rarely enforced via deployment gates or subject to ethics officer review."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "cloud-native",
     "high-risk-sector",
     "eu-high-risk-ai"
    ],
    "implementers": [
     "Data Science",
     "AI Ethics Team",
     "Legal",
     "Product"
    ],
    "frameworks": [
     {
      "framework": "nist_rmf",
      "requirement_id": "MAP 5.1",
      "fit": "direct",
      "rationale": "NIST AI RMF MAP 5.1 requires that the likelihood and impact of undesirable AI outcomes be identified and documented. Model cards are the primary artifact for fulfilling this documentation requirement, capturing known failure modes, performance limitations, and subgroup disparities.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 11, Annex IV",
      "fit": "direct",
      "rationale": "EU AI Act Art. 11 and Annex IV require high-risk AI providers to maintain comprehensive technical documentation including system description, design choices, performance metrics, and known limitations. Model cards directly instantiate this requirement in a standardized, reviewable format.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§7.5",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 §7.5 requires that organizations maintain documented information about their AI systems, including records demonstrating conformance with AI management system requirements. Model cards constitute the core documented information artifact for AI system transparency.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.3",
      "fit": "direct",
      "rationale": "OECD AI Principles 2024 Principle 1.3 on transparency calls for AI actors to provide meaningful information about AI systems. Model cards are a primary instrument for this transparency, providing stakeholders with the information needed to assess system behavior and limitations.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goal T2 (Communication to stakeholders)",
      "fit": "partial",
      "rationale": "Microsoft Responsible AI Standard v2 Transparency requirements mandate transparent disclosure of AI system capabilities and limitations. Microsoft's internal model card practices provide an industry reference model for this control's implementation.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to human oversight and due diligence, and Google's own published model cards methodology remains a practical reference for structured capability and limitation disclosure. XP-05's model cards implement that transparency practice with a publication gate for high-stakes deployments.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "openai_model_spec",
      "requirement_id": "Seek the truth together — Be honest and transparent",
      "fit": "partial",
      "rationale": "XP-05 requires model cards that accurately represent capabilities, limitations, and failure modes. The Model Spec's honesty and transparency rules bar the model from misrepresenting what it can and cannot do; organizational model-card disclosure applies the same accuracy standard to the deployment documentation that deployers, regulators, and affected individuals rely on.",
      "normative_force": "best-practice",
      "source_version": "2025-12-18",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "anthropic_rsp",
      "requirement_id": "Governance and Transparency (documentation and disclosure of capability assessments)",
      "fit": "partial",
      "rationale": "RSP v3.3's Governance and Transparency provisions commit Anthropic to documenting capability assessments and publicly disclosing information about its safety framework, so that stakeholders have accurate information about model capabilities and safeguards before and during deployment. XP-05's model cards implement the same documentation-before-deployment obligation in standardized, reviewable form at the deployer level.",
      "normative_force": "best-practice",
      "source_version": "3.3",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "meta_llama_rai",
      "requirement_id": "Build transparency and reporting mechanisms",
      "fit": "partial",
      "rationale": "The Responsible Use Guide's system-level guidance includes building transparency and reporting mechanisms so users and stakeholders understand system behavior and can report problems, and Meta publishes model cards documenting Llama capabilities and evaluations. XP-05's model-card discipline extends the same transparency practice to the deploying organization's own systems.",
      "normative_force": "best-practice",
      "source_version": "2023",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "ibm_ai_fairness",
      "requirement_id": "Fairness metrics (demographic parity, equalized odds, disparate impact)",
      "fit": "adjacent",
      "rationale": "AIF360 defines widely used, computable fairness metrics whose results are the natural content for the subgroup performance and fairness evaluation sections of a model card. Reporting AIF360-compatible metrics in XP-05 disclosures keeps model-card fairness claims verifiable against standard open-source implementations.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "owasp_ai_exchange",
      "requirement_id": "aitransparency",
      "fit": "direct",
      "rationale": "XP-05 requires a current model/system card disclosing capabilities, limitations, intended use, and failure modes, which is exactly the AI-use transparency AI Exchange calls for.",
      "normative_force": "industry-framework",
      "source_version": "continuously-updated",
      "reviewed_on": "2026-07-08",
      "basis": "anchored",
      "relation": "equivalent_to"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/XP-05",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "Every AI system deployed in a high-stakes or public-facing context has a current published model card or system card that accurately represents the system's capabilities, limitations, intended use, known failure modes, and fairness evaluation results; cards are version-controlled and updated when the system undergoes material changes; and no high-stakes AI system is in production without a current card accessible to deployers and affected stakeholders.",
    "evidence_required": [
     "model_card_or_system_card document per AI system with required fields: system_id, model_version, intended_use, out_of_scope_uses, known_limitations, failure_modes, fairness_evaluation_results (metric name, value, demographic group, evaluation_date), and last_updated_date",
     "model_card_version_history log showing card updates aligned to model changes with delta description for each version",
     "card_publication_record confirming the card is accessible at a documented public or deployer-accessible URL before the system was deployed",
     "material_change_review_log showing that each model retraining, feature change, or scope expansion triggered a card update review with decision to update or document rationale for no-update"
    ],
    "machine_tests": [
     "Query production_ai_system_registry for high-stakes systems and cross-reference model_card_registry: assert every system_id has a corresponding card with last_updated_date within 12 months or within 30 days of the most recent model_version_release_date, whichever is more recent",
     "For each model card, verify required fields are populated: system_id, model_version, intended_use, known_limitations, fairness_evaluation_results (non-empty array), and last_updated_date → assert zero cards with missing required fields",
     "Query model_card_registry for cards where model_version in card does not match current deployed model_version in production_registry → assert zero version mismatches",
     "Fetch each card's publication_url and verify HTTP 200 response with valid content-type → assert all cards are publicly accessible at their registered URLs"
    ],
    "human_review": [
     "Review a sample of five model cards for substantive accuracy: verify that known_limitations and failure_modes reflect actual observed failure behavior from production monitoring and incident records rather than generic disclaimers, and that fairness_evaluation_results cite specific metrics (e.g., demographic parity ratio = 0.87 for age group 60+) with evaluation dates",
     "Assess whether model card intended_use and out_of_scope_uses sections are specific enough to prevent deployers from applying the system to contexts for which it was not validated, and whether the language is clear enough for non-technical deployers to act on",
     "Verify that the material_change_review process is triggered by the model change management workflow and is not left to discretionary judgment: confirm that the list of triggering changes (retraining, feature additions, threshold changes, scope expansions) is documented and enforced in the deployment pipeline"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Publishing a model card at initial deployment and never updating it after model retraining or feature changes, resulting in a card that describes a prior version of the system while the current deployed version has materially different capabilities or failure modes",
     "Populating known_limitations and failure_modes with generic boilerplate ('the model may perform differently on underrepresented groups') without citing specific observed failure cases from testing or production monitoring",
     "Treating the model card as a marketing document that emphasizes capabilities and buries limitations in technical appendices, reducing its utility for deployers making integration risk assessments",
     "Publishing the model card at a URL that requires authentication or organizational access, making it inaccessible to external deployers and affected stakeholders who need it for deployment decisions and impact assessments",
     "Omitting fairness evaluation results or providing only aggregate accuracy metrics without demographic group breakdowns, preventing deployers from assessing whether the system performs equitably across the populations it will affect"
    ],
    "update_status": "current",
    "layer_code": "XP"
   },
   {
    "id": "XP-06",
    "layer": "XP",
    "plane": "control",
    "name": "Technical vs. Non-Technical Explanation Tiers",
    "plain": "Organizations must provide appropriately tiered explanations for AI decisions to different audiences — technical staff, affected individuals, and regulators — ensuring that each audience receives explanations that are meaningful, accurate, and calibrated to their needs and rights.",
    "threat": {
     "tags": [
      "explanation-inaccessibility",
      "audience-mismatch",
      "rights-denial",
      "regulatory-noncompliance"
     ],
     "desc": "Providing only technical explanations (SHAP waterfall plots, feature attribution vectors) to affected individuals fails GDPR's 'meaningful information' standard and EU AI Act transparency requirements. Conversely, oversimplified plain-language explanations to technical reviewers or regulators may obscure material information about model behavior. Audience-inappropriate explanations systematically deny individuals their rights to understand and contest decisions affecting them."
    },
    "standard": [
     {
      "id": "eu_ai_act",
      "section": "Art. 13, Art. 86",
      "title": "Transparency requirements calibrated to audience"
     },
     {
      "id": "eu_charter",
      "section": "Art. 47",
      "title": "Right to effective remedy — requires intelligible explanation"
     },
     {
      "id": "nist_rmf",
      "section": "MEASURE 2.9",
      "title": "Explanations appropriate to context and audience"
     },
     {
      "id": "iso_42001",
      "section": "§7.4",
      "title": "Communication requirements for AI governance"
     }
    ],
    "sources": [
     {
      "id": "openai_model_spec_2024",
      "title": "OpenAI Model Specification",
      "authority": "OpenAI, L.L.C.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2024",
      "published_on": "2024-05-08",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://cdn.openai.com/spec/model-spec-2024-05-08.html",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "openai_model_spec_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes OpenAI Model Specification requirements informing the apeiris://ethics/controls/XP-06 Technical vs. Non-Technical Explanation Tiers control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/XP-06 Technical vs. Non-Technical Explanation Tiers control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/XP-06 Technical vs. Non-Technical Explanation Tiers control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Define an explanation tier matrix that maps each audience type (affected individual, business user, technical reviewer, regulator) to required explanation format, depth, and delivery mechanism. Implement tiered explanation generation in decision systems, with plain-language notices for individuals, intermediate summaries for business users, and full technical documentation for technical reviewers and regulators.",
     "steps": [
      "Define an explanation tier matrix with at minimum three tiers: (1) affected individual plain-language notice, (2) business/operational summary, (3) technical audit log with full attribution detail and model version.",
      "Implement tiered explanation generation in decision systems, ensuring each tier can be produced on demand and that tier content accurately represents the decision without distortion at any level.",
      "Test each tier with representative members of the target audience to verify that the explanation is comprehensible, complete, and does not omit material information for the audience's decision-making context.",
      "Establish access controls ensuring individuals can access their tier-1 explanation on demand, and regulators can access tier-3 technical documentation within the timeframes required by applicable law."
     ],
     "ethics_officer": {
      "summary": "Tiered explanation is an individual rights issue. The tier-1 plain-language explanation is the primary instrument through which affected individuals can understand and contest AI decisions. It must be genuinely intelligible — not a euphemistic summary that obscures the actual decision basis.",
      "actions": [
       "Review tier-1 plain-language explanations for intelligibility and accuracy for target audience members.",
       "Conduct periodic user testing of tier-1 explanations with affected population representatives.",
       "Escalate cases where tier-1 explanations are insufficiently intelligible for the target audience."
      ],
      "failure_signals": [
       "Tier-1 explanations containing technical jargon incomprehensible to the target audience.",
       "Tier-1 explanations that omit material factors in the decision."
      ]
     },
     "legal_counsel": {
      "summary": "GDPR Art. 22 requires 'meaningful information about the logic involved' for solely automated decisions. EU AI Act Art. 86 requires that explanations be 'clear and meaningful.' These are audience-calibrated requirements — an explanation meaningful to a data scientist but not to an affected individual does not satisfy the law.",
      "actions": [
       "Review tier-1 plain-language explanations for compliance with GDPR 'meaningful information' standard.",
       "Confirm that access mechanisms allow affected individuals to obtain their tier-1 explanation within legally required timeframes.",
       "Review regulator access mechanisms for tier-3 technical documentation."
      ],
      "failure_signals": [
       "Tier-1 explanations that would not satisfy GDPR 'meaningful information' standard.",
       "No mechanism for individuals to access their explanation on demand."
      ]
     },
     "data_scientist": {
      "summary": "You are responsible for ensuring that tiered explanation generation is technically accurate at all tiers. A tier-1 summary that simplifies incorrectly is a fidelity failure, not just a communication failure.",
      "actions": [
       "Implement tier translation logic that simplifies technical attribution outputs into plain language without distorting the decision basis.",
       "Test tier-1 outputs against tier-3 technical outputs to verify that simplification does not introduce material inaccuracy.",
       "Document the translation methodology in the model card."
      ],
      "failure_signals": [
       "Tier-1 explanations that contradict the tier-3 technical attribution output.",
       "Tier translation introduces material simplification errors."
      ]
     },
     "grc_auditor": {
      "summary": "Tiered explanation delivery records are audit artifacts for individual rights compliance. Verify that all required tiers are implemented, accessible, and accurate.",
      "actions": [
       "Request tier explanation templates and samples for high-stakes decision systems.",
       "Verify that tier-3 technical documentation is accessible to auditors and regulators on demand.",
       "Test tier-1 explanation access mechanism for affected individuals."
      ],
      "metrics": [
       "Percentage of high-stakes AI decision systems with all three explanation tiers implemented: target 100%.",
       "Percentage of tier-1 explanations passing intelligibility review: target >95%."
      ],
      "failure_signals": [
       "High-stakes decision systems without a tier-1 individual explanation mechanism.",
       "Tier-3 technical documentation not accessible to auditors within required timeframes."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Most organizations have technical logging but lack plain-language individual-facing explanation tiers for AI decisions."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "multi-tenant"
    ],
    "implementers": [
     "AI Ethics Team",
     "UX/Product",
     "Legal",
     "Data Science"
    ],
    "frameworks": [
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 13, Art. 86",
      "fit": "direct",
      "rationale": "EU AI Act Art. 13 requires that high-risk AI systems provide information accessible to deployers, and Art. 86 requires that affected individuals receive explanations in a clear and meaningful form. The tiered explanation framework directly implements both requirements by ensuring each audience receives calibrated information.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "eu_charter",
      "requirement_id": "Art. 47",
      "fit": "direct",
      "rationale": "EU Charter Art. 47 guarantees the right to an effective remedy, which requires that individuals be able to understand the basis for decisions affecting them. A plain-language tier-1 explanation is a prerequisite for exercising this right in the context of AI-driven decisions.",
      "normative_force": "binding-law",
      "source_version": "2012/C 326/02",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "MEASURE 2.9",
      "fit": "direct",
      "rationale": "NIST AI RMF MEASURE 2.9 requires that the model is explained, validated, and documented, with explanations meaningful to relevant stakeholders. The RMF recognizes that different stakeholders have different information needs, and the tiered explanation framework operationalizes that audience-calibration expectation.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§7.4",
      "fit": "partial",
      "rationale": "ISO/IEC 42001:2023 §7.4 requires that AI governance communication be appropriate to the audience. The explanation tier matrix implements this requirement for AI decision explanations, ensuring that communication is calibrated to the receiver's role and rights.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "un_ethics_ai",
      "requirement_id": "¶37–¶41 (Transparency and explainability)",
      "fit": "partial",
      "rationale": "UNESCO Recommendation ¶37–41 on transparency and explainability emphasize that explanations of AI decisions should be appropriate and intelligible to their audience. The tier-1 plain-language explanation directly implements this accessibility expectation.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.3",
      "fit": "partial",
      "rationale": "OECD AI Principles 2024 Principle 1.3 on transparency calls for AI actors to provide information that enables individuals to understand AI system behavior and its effects on them. Audience-calibrated tiered explanations are the operational mechanism for fulfilling this transparency obligation.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "openai_model_spec",
      "requirement_id": "Seek the truth together — Be honest and transparent",
      "fit": "partial",
      "rationale": "XP-06 calibrates explanation depth and format to different audiences — affected individuals, business users, technical reviewers, and regulators. The Model Spec's honesty rules require communication that is truthful and appropriately calibrated to the recipient; the explanation tier matrix operationalizes that calibration for AI decision explanations while guarding against tier-1 oversimplification that would distort the decision basis.",
      "normative_force": "best-practice",
      "source_version": "2025-12-18",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goals T1–T2 (System intelligibility; Communication to stakeholders)",
      "fit": "direct",
      "rationale": "XP-06 (Technical vs. Non-Technical Explanation Tiers) establishes an explanation tier matrix mapping audience types — affected individuals, business users, technical reviewers, and regulators — to required explanation format, depth, and delivery mechanism, with access controls ensuring appropriate availability. Microsoft Responsible AI Standard v2 Transparency requirements explicitly address providing AI system information in forms appropriate to different stakeholder roles, including accessible explanations for affected parties, operational summaries for business users, and full technical documentation for engineers and regulators. The tier matrix required by XP-06 directly implements this audience-calibrated transparency standard at the enterprise deployment level.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to feedback mechanisms for the people AI affects — which are only meaningful if affected individuals receive explanations they can genuinely understand. XP-06's tier-1 plain-language explanations, tested for intelligibility, are the mechanism through which that commitment reaches non-technical audiences.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "owasp_ai_exchange",
      "requirement_id": "explainability",
      "fit": "supporting",
      "rationale": "XP-06 tiers explanations for affected-individual, business, and technical audiences, extending explainability to the right audience for each decision.",
      "normative_force": "industry-framework",
      "source_version": "continuously-updated",
      "reviewed_on": "2026-07-08",
      "basis": "anchored",
      "relation": "equivalent_to"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/XP-06",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "All AI decision systems classified as requiring explanations must implement a minimum three-tier explanation structure (affected-individual plain-language, business-operational summary, technical audit log) that accurately represents the decision at each tier without distortion. Tier-1 individual explanations must pass intelligibility review with representative target audience members prior to production.",
    "evidence_required": [
     "explanation_tier_matrix document mapping each audience type (affected individual, business user, technical reviewer, regulator) to required explanation format, depth, and delivery mechanism for each high-stakes AI system",
     "tier-1 plain-language explanation samples with intelligibility testing records showing comprehension scores from representative target audience participants",
     "tier-3 technical audit log samples showing feature attribution, model version, and decision factors with cross-reference to corresponding tier-1 explanation for accuracy comparison",
     "access control configuration records confirming tier-1 explanations are accessible to affected individuals on demand within legally required timeframes",
     "tier translation methodology documentation showing how technical attribution outputs map to plain-language explanations without material inaccuracy"
    ],
    "machine_tests": [
     "Request tier-1 explanation for a known AI decision → assert response contains plain-language rationale without technical jargon, references key decision factors, and omits model-internal identifiers",
     "Request tier-3 technical explanation for the same decision → assert response contains feature attribution values, model version, and confidence score not present in the tier-1 output",
     "Attempt to access tier-3 documentation as a simulated non-technical user without elevated access role → assert access is denied or redirected to tier-1 per access control policy",
     "Submit tier-1 and tier-3 outputs for the same decision to a consistency checker → assert no material contradiction between explanation tiers exists in the comparison report"
    ],
    "human_review": [
     "Review tier-1 plain-language explanations with five or more affected population representatives to verify comprehensibility and completeness for the target audience's decision-making context",
     "Compare tier-1 and tier-3 explanation pairs for ten sampled high-stakes decisions to verify that simplification does not introduce material inaccuracy or omit decisive factors",
     "Verify that regulator access to tier-3 technical documentation is documented, tested, and can be demonstrated to a regulator on demand within legally required timeframes"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Producing only SHAP waterfall plots or feature attribution vectors as the explanation for affected individuals who lack data science literacy",
     "Creating tier-1 explanations that omit the decisive factor in the AI decision in favor of secondary contextual factors that are easier to explain in plain language",
     "Using a single explanation format for all audiences by appending a plain-language header to a technical output and claiming this constitutes a tiered explanation structure",
     "Building tier-1 explanations from separate prompt templates rather than from actual model attribution, creating divergence between what the system says drove the decision and what actually drove it",
     "Treating explanation tier access controls as optional, allowing affected individuals to receive raw technical logs with model-internal identifiers and proprietary feature encodings"
    ],
    "update_status": "current",
    "layer_code": "XP"
   },
   {
    "id": "XP-07",
    "layer": "XP",
    "plane": "control",
    "name": "Explanation Completeness and Coverage Auditing",
    "plain": "Organizations must verify that explanation capabilities are implemented for all AI decision types that require them, meet defined quality standards, and are maintained as the AI system portfolio evolves — ensuring no decision class falls through the coverage gap.",
    "threat": {
     "tags": [
      "coverage-gap",
      "audit-failure",
      "explanation-absence",
      "portfolio-drift"
     ],
     "desc": "As AI systems are deployed, modified, and retired across the enterprise, explanation coverage can degrade silently. New model versions may break existing explanation pipelines. New use cases may not trigger explanation requirements review. Audit gaps allow high-stakes decision systems to operate without required explanations, creating regulatory exposure that may not be discovered until an investigation, complaint, or audit surfaces the omission."
    },
    "standard": [
     {
      "id": "iso_42001",
      "section": "§9.2",
      "title": "Internal audit of AI management system"
     },
     {
      "id": "nist_rmf",
      "section": "MEASURE 4.1",
      "title": "Measurement approaches for AI accountability"
     },
     {
      "id": "eu_ai_act",
      "section": "Art. 9, Art. 72",
      "title": "Risk management and post-market monitoring of high-risk AI"
     },
     {
      "id": "acm_ethics",
      "section": "§3.7",
      "title": "Recognize and take special care of systems in high-stakes situations"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/XP-07 Explanation Completeness and Coverage Auditing control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/XP-07 Explanation Completeness and Coverage Auditing control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Maintain a cross-reference between the AI system inventory and explanation requirements registry, with automated coverage checks that flag systems where explanation requirements exist but implementation is absent, degraded, or unverified. Conduct periodic explanation coverage audits and remediate gaps within defined SLAs.",
     "steps": [
      "Maintain a current cross-reference mapping every production AI decision system against its explanation requirements from the decision taxonomy (XP-02), explanation method (XP-01), and explanation tier requirements (XP-06).",
      "Implement automated coverage checks that compare the AI system inventory against explanation implementation records, flagging systems where implementation is missing, the last fidelity verification is overdue, or model updates have not triggered revalidation.",
      "Conduct periodic explanation coverage audits (at minimum annually, or following significant portfolio changes) that review the cross-reference for completeness, sample explanation quality for high-stakes systems, and produce a coverage report.",
      "Define remediation SLAs for coverage gaps: critical gaps (high-stakes systems without explanation) within 30 days, standard gaps within 90 days, and track remediation to closure."
     ],
     "grc_auditor": {
      "summary": "Explanation coverage auditing is a GRC-led function. The coverage cross-reference and audit reports are primary artifacts for demonstrating systematic explanation governance to regulators and internal stakeholders.",
      "actions": [
       "Lead or review periodic explanation coverage audits using the AI system inventory and decision taxonomy.",
       "Verify that coverage gaps are tracked and remediated within defined SLAs.",
       "Include explanation coverage in the annual AI governance audit program."
      ],
      "metrics": [
       "Percentage of AI decision systems with explanation implementation verified as current: target 100%.",
       "Percentage of identified coverage gaps remediated within defined SLA: target 100%.",
       "Time since last explanation coverage audit: target <12 months."
      ],
      "failure_signals": [
       "High-stakes AI systems without verified explanation implementation.",
       "Coverage gaps not tracked or remediated within SLA.",
       "No explanation coverage audit conducted in the past 12 months."
      ]
     },
     "ethics_officer": {
      "summary": "Coverage auditing is the mechanism that ensures explanation governance is durable across portfolio changes. Review audit results and escalate unresolved gaps, particularly for high-stakes systems.",
      "actions": [
       "Review explanation coverage audit reports and escalate unresolved high-stakes gaps.",
       "Include explanation coverage status in ethics governance reporting to senior leadership."
      ],
      "failure_signals": [
       "High-stakes decision systems with open coverage gaps beyond SLA.",
       "No explanation coverage status in ethics governance reporting."
      ]
     },
     "data_scientist": {
      "summary": "You are responsible for maintaining explanation implementation current with your model. Coverage gaps often arise from model updates that break existing explanation pipelines without triggering remediation.",
      "actions": [
       "Verify explanation pipeline integrity as part of every model update deployment checklist.",
       "Report explanation coverage issues discovered during model maintenance to the AI ethics team."
      ],
      "failure_signals": [
       "Model updates deployed without verifying explanation pipeline continuity.",
       "Known explanation coverage gaps not reported to AI ethics team."
      ]
     },
     "legal_counsel": {
      "summary": "Explanation coverage gaps are legal exposure gaps. A system operating without required explanations is in ongoing regulatory noncompliance for each decision made without explanation. Coverage audit records demonstrate good faith systematic governance.",
      "actions": [
       "Review coverage audit reports for systems operating under GDPR Art. 22, EU AI Act, or ECOA/FCRA obligations.",
       "Confirm that coverage gaps in regulated decision systems are escalated and remediated with appropriate urgency."
      ],
      "failure_signals": [
       "Regulated decision systems with open coverage gaps beyond 30-day SLA.",
       "No legal review of coverage audit reports for regulated AI systems."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "managed",
     "notes": "Few organizations have systematic explanation coverage auditing; gaps are typically discovered through incidents or regulatory inquiry."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise"
    ],
    "implementers": [
     "GRC / Internal Audit",
     "AI Ethics Team",
     "Data Science",
     "Legal"
    ],
    "frameworks": [
     {
      "framework": "iso_42001",
      "requirement_id": "§9.2",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 §9.2 requires organizations to conduct internal audits of their AI management system to verify conformance. Explanation coverage auditing is a specific audit procedure within the broader AI management system audit program.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "MEASURE 4.1",
      "fit": "direct",
      "rationale": "NIST AI RMF MEASURE 4.1 requires that measurement approaches be established to demonstrate accountability for AI systems. Explanation coverage metrics are a primary accountability measure, demonstrating that explanation obligations are systematically met across the AI portfolio.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 9, Art. 72",
      "fit": "direct",
      "rationale": "EU AI Act Art. 9 requires ongoing risk management for high-risk AI, and Art. 72 requires post-market monitoring. Explanation coverage auditing is a core component of both — detecting degradation of transparency controls as systems evolve in the post-deployment phase.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "acm_ethics",
      "requirement_id": "§3.7",
      "fit": "partial",
      "rationale": "ACM Code of Ethics §3.7 requires special care for systems in high-stakes situations, including ongoing vigilance about their behavior. Explanation coverage auditing operationalizes this ongoing vigilance for the transparency properties of high-stakes AI systems.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-06-29",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "Clause 11 (Transparency management)",
      "fit": "partial",
      "rationale": "IEEE 7000-2021 clause 11 establishes transparency management as a maintained organizational process rather than a one-time design activity. Explanation coverage auditing operationalizes that maintenance obligation, systematically detecting where transparency commitments have lapsed as the AI portfolio evolves.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.5",
      "fit": "adjacent",
      "rationale": "OECD AI Principles 2024 Principle 1.5 on accountability requires that AI actors be accountable for the proper functioning of AI systems. Explanation coverage auditing is an accountability mechanism that demonstrates systematic attention to whether transparency obligations are being met.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goals A1–A5 (Accountability)",
      "fit": "partial",
      "rationale": "XP-07 (Explanation Completeness and Coverage Auditing) requires systematic cross-referencing of the AI system inventory against explanation requirements, with automated coverage checks flagging systems where implementation is absent or degraded, and periodic audits with defined remediation SLAs. Microsoft Responsible AI Standard v2 Accountability goals require that organizations maintain ongoing oversight of AI systems and be able to demonstrate that transparency requirements are met across the entire AI portfolio, not merely for individual systems. The coverage audit function in XP-07 directly implements this accountability requirement by ensuring that no decision class falls through the explanation coverage gap as the AI portfolio evolves.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to ongoing oversight and monitoring of deployed AI. XP-07's explanation coverage auditing makes the transparency dimension of that oversight verifiable rather than declarative, detecting portfolio-level gaps where explanation obligations are not being met.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "owasp_ai_exchange",
      "requirement_id": "explainability",
      "fit": "supporting",
      "rationale": "XP-07 audits explanation coverage across every production decision system, ensuring the explainability capability is actually implemented everywhere it is owed.",
      "normative_force": "industry-framework",
      "source_version": "continuously-updated",
      "reviewed_on": "2026-07-08",
      "basis": "anchored",
      "relation": "equivalent_to"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/XP-07",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "Every production AI decision system in the organization must appear in the explanation requirements cross-reference with verified, current explanation implementation status. No system with an open coverage gap older than its applicable SLA (30 days for critical systems, 90 days for standard systems) may remain in production without a documented ethics officer exception.",
    "evidence_required": [
     "explanation_coverage_register listing every production AI decision system with its required explanation tier, method, and fidelity verification status with last-verified date and responsible owner",
     "automated_coverage_check_report from the most recent scheduled scan, including any systems flagged for missing, degraded, or post-update-unverified explanation implementation",
     "explanation_coverage_audit_report from the most recent annual review sampling at least 20% of high-stakes systems with quality scores and gap remediation status per system",
     "remediation_tracker showing all open coverage gaps with SLA classification, gap age in days, assigned owner, and current escalation status"
    ],
    "machine_tests": [
     "Cross-reference AI system inventory against explanation implementation registry → assert every system in inventory has a corresponding implementation record with last-verified date within the required cadence",
     "Simulate model version deployment for a system with a registered explanation → assert automated check flags the deployment and requires explanation pipeline revalidation before the record is updated to current",
     "Query coverage check tool for systems with last-verified date older than the applicable SLA → assert report enumerates all overdue systems with gap age and responsible owner populated"
    ],
    "human_review": [
     "Review a sample of 20% of high-stakes AI decision systems against the explanation requirements registry, scoring each for coverage completeness, implementation currency, and fidelity verification quality",
     "Verify that remediation SLAs are enforced in practice by inspecting the gap tracker for any critical gaps older than 30 days and confirming that escalation was triggered and documented",
     "Assess whether the automated coverage check logic correctly identifies systems where model updates have occurred but explanation pipeline revalidation has not been completed"
    ],
    "blocking_effect": "advisory",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Maintaining explanation coverage records in manually updated spreadsheets rather than through automated cross-referencing of the AI system inventory against implementation records",
     "Treating explanation coverage audits as point-in-time annual events rather than as continuous monitoring with automated gap detection between scheduled audits",
     "Defining coverage success as having documented explanation capability at system launch but not tracking whether explanation pipelines remain functional after model updates",
     "Applying a single remediation SLA to all coverage gaps without distinguishing critical gaps in regulated high-stakes systems from gaps in lower-risk advisory systems",
     "Closing gaps in the coverage tracker when the explanation method is documented rather than when implementation is verified through functional end-to-end testing"
    ],
    "update_status": "current",
    "layer_code": "XP"
   },
   {
    "id": "XP-08",
    "layer": "XP",
    "plane": "both",
    "name": "Explainability Evidence Package",
    "plain": "The XP-08 evidence package compiles attestation artifacts from XP-01 through XP-07 into a unified explainability evidence record, demonstrating that explanation method selection, decision-level requirements, fidelity verification, adverse action compliance, transparency disclosures, tiered explanations, and coverage auditing are implemented and current.",
    "threat": {
     "tags": [
      "evidence-gap",
      "audit-failure",
      "attestation-absence",
      "compliance-exposure"
     ],
     "desc": "Without a compiled evidence package, organizations cannot demonstrate to regulators, auditors, or affected parties that their explainability controls are implemented and effective. Individual controls may be implemented in isolation without aggregated evidence that the full XP layer is coherent and complete. Regulatory investigations and litigation increasingly require production of comprehensive explainability evidence, not control-by-control attestations."
    },
    "standard": [
     {
      "id": "iso_42001",
      "section": "§9.1, §9.2",
      "title": "Performance evaluation and internal audit of AI management system"
     },
     {
      "id": "eu_ai_act",
      "section": "Art. 11, Art. 17",
      "title": "Technical documentation and quality management system"
     },
     {
      "id": "nist_rmf",
      "section": "GOVERN 1.4",
      "title": "Organizational teams committed to AI risk management"
     },
     {
      "id": "oecd_ai_principles",
      "section": "Principle 1.5",
      "title": "Accountability for AI systems"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/XP-08 Explainability Evidence Package control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/XP-08 Explainability Evidence Package control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Assemble a structured XP evidence package per AI system or decision domain, referencing artifacts from each constituent control. The package must be producible on demand for regulatory review, audit, or litigation, and must be updated following any material change to the AI system or its explanation mechanisms.",
     "steps": [
      "Define the XP evidence package structure, specifying required artifacts from each constituent control: XP-01 (method justification record), XP-02 (decision taxonomy entry), XP-03 (fidelity benchmark results), XP-04 (adverse action notice samples and audit logs where applicable), XP-05 (model card), XP-06 (tier explanation samples), XP-07 (coverage audit report).",
      "Implement an evidence package assembly process — automated or manual — that aggregates and links artifacts from each constituent control into a unified package keyed to the AI system identifier and version.",
      "Define a package review and sign-off process requiring ethics officer and legal counsel review for high-stakes AI systems, with records of sign-off dates and reviewer identities.",
      "Establish a retention schedule for XP evidence packages consistent with regulatory requirements (e.g., EU AI Act Art. 18 — 10 years for high-risk AI technical documentation), and test retrieval of packages on demand as part of the annual explanation coverage audit."
     ],
     "ethics_officer": {
      "summary": "The XP evidence package is the primary artifact demonstrating your organization's explainability governance. Sign-off on evidence packages for high-stakes AI systems confirms that all constituent controls have been implemented and are current.",
      "actions": [
       "Review and sign off on XP evidence packages for high-stakes AI systems at deployment and annually thereafter.",
       "Include XP evidence package status in ethics governance reporting."
      ],
      "failure_signals": [
       "High-stakes AI systems without a current XP evidence package.",
       "XP evidence packages not updated following model version changes."
      ]
     },
     "legal_counsel": {
      "summary": "The XP evidence package is the primary document produced in regulatory investigations and litigation involving AI explanation obligations. It must be complete, accurate, and retained for the periods required by applicable law.",
      "actions": [
       "Review XP evidence package structure for completeness against EU AI Act Art. 11 technical documentation requirements.",
       "Confirm retention schedules align with EU AI Act Art. 18 (10 years for high-risk AI) and other applicable legal retention requirements.",
       "Review evidence packages for high-stakes AI systems before regulatory submissions or in anticipation of regulatory inquiry."
      ],
      "failure_signals": [
       "XP evidence packages not retained for required period.",
       "Evidence packages missing required legal artifacts (adverse action notice samples, decision taxonomy entry)."
      ]
     },
     "grc_auditor": {
      "summary": "The XP evidence package is the central audit artifact for the explainability control layer. Verify that packages exist for all required systems, are current, and include all required constituent control artifacts.",
      "actions": [
       "Request XP evidence packages for a sample of high-stakes AI systems during annual audit.",
       "Verify that all constituent control artifacts are present and current within the package.",
       "Confirm ethics officer and legal counsel sign-off records exist for each reviewed package."
      ],
      "metrics": [
       "Percentage of high-stakes AI systems with complete and current XP evidence packages: target 100%.",
       "Percentage of XP evidence packages with required sign-off records: target 100%.",
       "Percentage of packages retrievable within 24 hours on demand: target 100%."
      ],
      "failure_signals": [
       "High-stakes AI systems without XP evidence packages.",
       "Packages missing constituent control artifacts.",
       "Packages not retrievable within required timeframe."
      ]
     },
     "data_scientist": {
      "summary": "Your artifacts feed the XP evidence package. Ensure that method justification records, fidelity benchmarks, and model cards are current and stored in the designated evidence repository for each model you maintain.",
      "actions": [
       "Store all XP-layer artifacts (method justification, fidelity benchmarks, model card) in the designated evidence repository at deployment.",
       "Update artifacts following model changes and confirm the evidence package is regenerated or updated."
      ],
      "failure_signals": [
       "XP-layer artifacts stored outside the designated evidence repository.",
       "Artifacts not updated following model version changes."
      ]
     },
     "business_stakeholder": {
      "summary": "XP evidence packages protect the business in regulatory investigations and litigation. Ensure that AI use cases are registered with the AI ethics team to trigger evidence package requirements.",
      "actions": [
       "Register all AI-driven decision use cases with the AI ethics team to ensure XP evidence package requirements are triggered.",
       "Confirm that business operations support the delivery of required explanation artifacts within evidence package assembly timelines."
      ],
      "failure_signals": [
       "AI use cases operated without registration with the AI ethics team.",
       "Business operations do not support evidence package assembly timelines."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Few organizations maintain structured explainability evidence packages; evidence is typically scattered across systems and not aggregated for regulatory production."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise"
    ],
    "implementers": [
     "GRC / Internal Audit",
     "AI Ethics Team",
     "Legal",
     "Data Science"
    ],
    "frameworks": [
     {
      "framework": "iso_42001",
      "requirement_id": "§9.1, §9.2",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 §9.1 and §9.2 require performance evaluation and internal audit of the AI management system. The XP evidence package is the primary artifact demonstrating that explainability controls have been evaluated and audited in accordance with the management system requirements.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 11, Art. 17, Art. 18",
      "fit": "direct",
      "rationale": "EU AI Act Art. 11 and 17 require comprehensive technical documentation and quality management systems for high-risk AI. Art. 18 specifies retention periods. The XP evidence package directly implements the explainability component of these documentation requirements and establishes the retention infrastructure.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "GOVERN 1.4",
      "fit": "partial",
      "rationale": "NIST AI RMF GOVERN 1.4 requires that organizational teams be committed to AI risk management with clear accountability. The XP evidence package sign-off process operationalizes this commitment for explainability controls, creating a clear accountability record for the ethics officer, legal counsel, and GRC auditor.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.5",
      "fit": "direct",
      "rationale": "OECD AI Principles 2024 Principle 1.5 on accountability requires AI actors to be accountable and to enable oversight. The XP evidence package is the accountability artifact that enables meaningful oversight of explainability governance by regulators, auditors, and affected parties.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "Clause 11 (Transparency management)",
      "fit": "partial",
      "rationale": "IEEE 7000-2021 clause 11's transparency management process produces decisions and records about what is disclosed to whom. The XP evidence package consolidates the artifacts of that process — method justifications, fidelity benchmarks, coverage audits — into a reviewable record for management and external review.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "acm_ethics",
      "requirement_id": "§3.7",
      "fit": "adjacent",
      "rationale": "ACM Code of Ethics §3.7 requires special care for high-stakes systems and suggests ongoing record-keeping and accountability practices. The XP evidence package formalizes this record-keeping requirement into a producible artifact that demonstrates the organization's exercise of special care for explainability governance.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-06-29",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goals A1–A5 (Accountability)",
      "fit": "direct",
      "rationale": "XP-08 (Explainability Evidence Package) compiles attestation artifacts from XP-01 through XP-07 into a unified explainability evidence record — method justification, decision taxonomy entry, fidelity benchmarks, adverse action samples, model card, tier explanation samples, coverage audit report — that is producible on demand for regulatory review, audit, or litigation. Microsoft Responsible AI Standard v2 Accountability goals require that organizations maintain documentation demonstrating responsible AI compliance, including consolidated evidence that transparency and explainability controls have been implemented, are effective, and are retained per applicable requirements. The XP evidence package is precisely this consolidated accountability documentation, providing a signed, versioned record of explainability governance for each high-stakes AI system.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to due diligence and oversight that can be demonstrated to external parties. The XP evidence package converts explainability governance commitments into a producible, signed record available to regulators, auditors, and affected parties.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/XP-08",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "A complete, version-controlled XP evidence package must exist for every high-stakes AI system, containing verified artifacts from XP-01 through XP-07 with ethics officer and legal counsel sign-off, and must be retrievable within 24 hours on demand. The package must be regenerated or updated following any material change to the AI system or its explanation mechanisms.",
    "evidence_required": [
     "xp_evidence_package record per high-stakes AI system containing linked artifact references: XP-01 method justification record, XP-02 decision taxonomy entry, XP-03 fidelity benchmark results, XP-04 adverse action notice samples where applicable, XP-05 model card, XP-06 tier explanation samples, XP-07 coverage audit report excerpt",
     "package_signoff_record showing ethics officer name, role, and explicit sign-off date, confirming all constituent artifacts were reviewed for the current system version",
     "legal_counsel_review_record confirming XP evidence package retention schedule alignment with EU AI Act Art. 18 (10-year retention for high-risk AI) and other applicable legal requirements",
     "package_retrieval_test_log demonstrating that a complete evidence package was retrieved for at least one sampled system within 24 hours, including retrieval timestamp and artifact completeness checklist"
    ],
    "machine_tests": [
     "Query evidence package repository for each system in the high-stakes AI inventory → assert a package record exists with non-null references to all seven constituent control artifact types",
     "Retrieve evidence package for a randomly sampled high-stakes AI system and check artifact freshness → assert all constituent artifacts have last-updated timestamps consistent with the current system version in the model registry",
     "Submit a package schema validation check against the defined XP package structure → assert zero missing required fields across all packages for regulated AI systems"
    ],
    "human_review": [
     "Review ethics officer and legal counsel sign-off records for a sample of high-stakes AI systems and verify that sign-off dates correspond to the current system version or were refreshed following the most recent material change",
     "Assess whether the evidence package assembly process is triggered automatically by model version changes or requires manual initiation, and evaluate the risk of packages becoming stale after unreported changes",
     "Verify that evidence package retention schedules are documented in the records management policy, align with EU AI Act Art. 18 (10 years for high-risk AI), and have been tested in a retrieval drill"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Assembling XP evidence packages only in response to regulatory inquiries or litigation holds rather than maintaining current packages as a standard pre-deployment governance artifact",
     "Storing constituent control artifacts in separate team systems without a unified package record linking them by system identifier and version, making retrieval under time pressure infeasible",
     "Obtaining sign-off on the evidence package at initial deployment and treating it as perpetually valid without triggering revalidation after model version updates or system purpose changes",
     "Setting evidence retention schedules based on internal document management defaults rather than the EU AI Act Art. 18 requirement of 10 years for high-risk AI technical documentation",
     "Including placeholder or template-sample artifacts in the evidence package during initialization and failing to replace them with system-specific verified artifacts before the package receives sign-off"
    ],
    "update_status": "current",
    "layer_code": "XP"
   },
   {
    "id": "HI-01",
    "layer": "HI",
    "plane": "control",
    "name": "Fundamental Rights Impact Assessment Content Governance",
    "plain": "Every high-risk AI system subject to EU AI Act Article 27 obligations must produce a Fundamental Rights Impact Assessment (FRIA) that substantively addresses all relevant rights enumerated in the EU Charter, documents the assessment methodology, identifies mitigations for each identified impact, and is reviewed and approved by a qualified ethics or legal authority before system deployment.",
    "threat": {
     "tags": [
      "rights-impact-omission",
      "assessment-superficiality",
      "governance-bypass",
      "accountability-gap"
     ],
     "desc": "FRIAs completed as bureaucratic checkbox exercises — rather than substantive rights analyses — fail to surface genuine harms before deployment. Superficial assessments omit protected categories, skip vulnerable population analysis, or fail to map AI outputs to specific charter rights. Regulators treating FRIA non-compliance as a systemic failure trigger enforcement actions and fines; harmed individuals have no documented remediation baseline."
    },
    "standard": [
     {
      "id": "eu_ai_act",
      "section": "Art. 27",
      "title": "Fundamental Rights Impact Assessment obligations for deployers"
     },
     {
      "id": "eu_charter",
      "section": "Art. 1, 8, 21, 47",
      "title": "Charter rights most engaged by AI: dignity, data protection, non-discrimination, remedy"
     },
     {
      "id": "ieee_7000",
      "section": "Clause 10",
      "title": "Ethical risk-based design — value and rights impact assessment"
     },
     {
      "id": "iso_42001",
      "section": "§6.1.2",
      "title": "AI risk and impact assessment requirements"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/HI-01 Fundamental Rights Impact Assessment Content Governance control.",
      "reviewed_on": "2026-07-01"
     }
    ],
    "implementation": {
     "pattern": "FRIA template enforced by a governance gate in the AI system lifecycle: each high-risk deployment triggers a structured assessment covering all 54 charter articles, documents affected populations, maps predicted impacts to specific rights, assigns severity ratings, and links to mitigations tracked in the organization's risk register.",
     "steps": [
      "Adopt a standardized FRIA template that enumerates all EU Charter rights (Art. 1–54), requires explicit impact ratings (none/low/moderate/high/critical) for each, and mandates population-level analysis for each protected group.",
      "Integrate FRIA completion as a deployment gate in the AI governance workflow: no high-risk system may receive production authorization without a signed, dated FRIA reviewed by qualified ethics or legal counsel.",
      "Establish a FRIA registry that maintains version-controlled assessment records, tracks mitigation closure, and triggers reassessment when system purpose, training data, or deployment context changes materially.",
      "Conduct annual FRIA audits sampling completed assessments for substantive completeness, cross-referencing documented mitigations against risk register closure evidence."
     ],
     "ethics_officer": {
      "summary": "The FRIA is the primary instrument of pre-deployment rights due diligence. The ethics officer owns the template, the assessment methodology, and the final sign-off authority.",
      "actions": [
       "Maintain and update the FRIA template to reflect current charter interpretation and regulatory guidance.",
       "Review and approve all high-risk system FRIAs before deployment authorization is issued.",
       "Track mitigation commitments arising from FRIAs through to documented closure."
      ],
      "failure_signals": [
       "FRIA completion rate below 100% for high-risk deployments.",
       "Assessments with blanket 'no impact' ratings across multiple rights without documented justification.",
       "Mitigations marked closed without supporting evidence."
      ]
     },
     "legal_counsel": {
      "summary": "FRIA obligations under EU AI Act Art. 27 carry direct enforcement exposure. Legal must ensure assessments satisfy regulatory expectations and that the organization can demonstrate substantive compliance.",
      "actions": [
       "Review FRIA methodology against evolving European Data Protection Board and AI Office guidance.",
       "Confirm that FRIA outputs are privileged where appropriate and retained per document management policy.",
       "Advise on scope triggers — which deployments qualify as high-risk under Annex III."
      ],
      "failure_signals": [
       "FRIA coverage gaps on Annex III system categories.",
       "Assessments not updated following significant system changes or regulatory guidance updates.",
       "No documented legal review sign-off on completed FRIAs."
      ]
     },
     "grc_auditor": {
      "summary": "FRIAs are primary audit artifacts for EU AI Act compliance. Auditors verify completeness, quality, and lifecycle integration of the assessment process.",
      "actions": [
       "Request the FRIA registry and cross-reference against the high-risk system inventory.",
       "Sample 20% of FRIAs annually, scoring each for rights coverage completeness, population analysis depth, and mitigation specificity.",
       "Verify that FRIA deployment gates are enforced in CI/CD and governance workflows."
      ],
      "metrics": [
       "FRIA completion rate for high-risk deployments: target 100%.",
       "Average FRIA quality score (rubric-based): target ≥80/100.",
       "Mitigation closure rate within committed timeline: target ≥90%."
      ],
      "failure_signals": [
       "Any high-risk deployment without a completed FRIA.",
       "Quality scores below 60/100 on sampled assessments.",
       "Mitigation backlog growing across consecutive audit cycles."
      ]
     },
     "business_stakeholder": {
      "summary": "FRIAs protect the organization from regulatory action and reputational harm by ensuring AI deployments are rights-aware before launch.",
      "actions": [
       "Include FRIA timelines in product launch planning to avoid last-minute delays.",
       "Escalate material FRIA findings (high/critical impact ratings) to executive leadership before deployment decisions.",
       "Ensure product changes that materially alter system purpose trigger FRIA reassessment."
      ],
      "failure_signals": [
       "Product launches bypassing FRIA requirements.",
       "Critical rights impacts documented without corresponding deployment holds.",
       "Stakeholder pressure overriding ethics officer sign-off authority."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Most enterprises lack structured FRIA processes; assessments where they exist are often superficial checklists rather than substantive rights analyses."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise"
    ],
    "implementers": [
     "Ethics Office",
     "Legal Counsel",
     "Compliance Team",
     "Product Management"
    ],
    "frameworks": [
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 27",
      "fit": "direct",
      "rationale": "EU AI Act Article 27 directly mandates FRIA completion by deployers of high-risk AI systems, specifying the categories of fundamental rights that must be assessed. This control operationalizes that requirement through structured governance gates and assessment methodology. Non-compliance constitutes a regulatory violation subject to supervisory enforcement.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "eu_charter",
      "requirement_id": "Art. 1, 8, 21, 47",
      "fit": "direct",
      "rationale": "The EU Charter of Fundamental Rights defines the rights inventory that FRIAs must address; the articles most commonly engaged by AI systems are human dignity (Art. 1), data protection (Art. 8), non-discrimination (Art. 21), and effective remedy (Art. 47). This control's template structure is organized around Charter article coverage, ensuring no protected right in scope is omitted from assessment. Charter rights form the substantive basis for identifying and rating fundamental rights impacts.",
      "normative_force": "binding-law",
      "source_version": "2012/C 326/02",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "Clause 10 (Ethical risk-based design)",
      "fit": "direct",
      "rationale": "IEEE 7000-2021 clause 10 provides an ethical risk-based design process that maps system behaviors to risks of value and rights violations for affected stakeholders. The FRIA template structure adapts this methodology to the specific rights enumerated in the EU Charter, providing a defensible assessment approach grounded in a recognized engineering standard.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§6.1.2",
      "fit": "direct",
      "rationale": "ISO/IEC 42001 §6.1.2 requires organizations to identify and assess AI-related risks including impacts on fundamental rights and human values. FRIA completion and quality are auditable artifacts under ISO 42001 certification scope, linking rights assessment obligations to the management system framework.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.3",
      "fit": "partial",
      "rationale": "OECD AI Principle 1.3 requires AI actors to respect the rule of law, access to justice, and fundamental rights. FRIA governance directly supports this principle by establishing structured pre-deployment rights due diligence. The OECD framework provides international policy legitimacy for FRIA requirements beyond EU jurisdiction.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "MAP 1.5",
      "fit": "partial",
      "rationale": "NIST AI RMF MAP 1.5 calls for identifying and documenting organizational risk tolerances and harms, including societal and rights-related impacts. The FRIA registry and quality scoring metrics align with NIST's emphasis on documented, risk-commensurate assessment processes.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goal A1 (Impact assessment)",
      "fit": "partial",
      "rationale": "Microsoft Responsible AI Standard v2 includes impact assessment as an explicit accountability requirement, mandating that AI systems undergo structured evaluation of potential harms — including rights-related impacts — before and during deployment. Fundamental Rights Impact Assessment Content Governance operationalizes a substantively parallel obligation through structured FRIA governance gates, methodology requirements, and qualified ethics officer sign-off. While Microsoft's standard addresses a broader set of harms rather than specifically EU charter rights, the documentation, governance gate, and qualified review requirements are methodologically aligned.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/HI-01",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "Every high-risk AI system subject to EU AI Act Art. 27 must have a completed FRIA with explicit impact ratings for all relevant EU Charter rights (Art. 1-54), documented population-level analysis for each protected group in scope, and signed ethics officer and legal counsel approval before production authorization is issued. No Annex III system may enter production without satisfying this gate.",
    "evidence_required": [
     "completed_fria document per high-risk AI system with explicit impact ratings (none/low/moderate/high/critical) for each EU Charter article, population-level analysis for all protected groups in scope, and documented mitigation for each impact rated moderate or higher",
     "fria_signoff_record showing ethics officer and legal counsel reviewer names, dates, and explicit production authorization confirmation for each high-risk system",
     "fria_registry showing version-controlled FRIA history per system with initial assessment date, reassessment dates triggered by material changes, and current version status",
     "mitigation_closure_evidence linking each FRIA-identified mitigation commitment to its corresponding risk register entry and documented closure verification with timestamp",
     "deployment_gate_record confirming FRIA completion check was executed in the AI governance workflow and the gate was satisfied before production authorization was granted"
    ],
    "machine_tests": [
     "Query FRIA registry against Annex III AI system inventory → assert every Annex III system has a current FRIA record with sign-off date, and no system exists in inventory without a corresponding FRIA entry",
     "Validate FRIA document structure for a sampled system → assert the document contains an impact rating for each of the 54 EU Charter articles and at least one protected-group population analysis section",
     "Check risk register against FRIA mitigation commitments → assert every mitigation from a current FRIA has a corresponding open or closed risk register entry with assigned owner and due date"
    ],
    "human_review": [
     "Sample 20% of completed FRIAs and score each for rights coverage completeness (all 54 charter articles explicitly addressed), depth of population analysis, specificity of mitigation commitments, and quality of impact justifications",
     "Verify that FRIA reassessment was triggered for systems that underwent material purpose, training data, or deployment context changes since the last assessment, by cross-referencing change management records against the FRIA registry",
     "Review ethics officer and legal counsel sign-off records to confirm sign-off reflects substantive review with documented findings rather than pro forma approval with no review notes"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Completing FRIAs after production deployment begins rather than as a pre-authorization gate, documenting assessments retroactively to satisfy compliance audit requirements",
     "Rating all 54 EU Charter articles as 'no impact' without documented justification for a system that processes personal data and makes decisions about individuals in protected categories",
     "Using a generic FRIA template that does not enumerate the specific EU Charter articles or that collapses multiple distinct rights into a single 'fundamental rights' checkbox",
     "Treating FRIA sign-off as a one-time event at initial deployment without triggering reassessment when training data, decision scope, deployment population, or system purpose changes materially",
     "Failing to link FRIA mitigation commitments to the risk register, leaving documented moderate-or-higher rights impacts with no tracked accountability for remediation to closure"
    ],
    "update_status": "current",
    "layer_code": "HI"
   },
   {
    "id": "HI-02",
    "layer": "HI",
    "plane": "control",
    "name": "Human Dignity and Autonomy Preservation",
    "plain": "AI systems must be designed and operated to preserve human dignity and individual autonomy: they must not demean, manipulate, or coerce users; must present outputs in ways that support rather than substitute for human judgment; and must preserve the user's ability to make meaningful, informed choices independent of AI influence.",
    "threat": {
     "tags": [
      "autonomy-erosion",
      "dignity-violation",
      "dark-pattern-manipulation",
      "dependency-induction"
     ],
     "desc": "AI systems that optimize for engagement or conversion can subtly erode autonomy through nudging, dark patterns, and information asymmetry — steering users toward outcomes the system or its operator prefers rather than outcomes the user would choose with full information. Systems trained on large behavioral datasets may learn manipulative patterns implicitly. Dignity violations occur when AI outputs characterize or treat individuals as objects, statistical units, or targets rather than as persons with inherent worth."
    },
    "standard": [
     {
      "id": "eu_charter",
      "section": "Art. 1",
      "title": "Human dignity — inviolability"
     },
     {
      "id": "un_ethics_ai",
      "section": "¶35–¶36",
      "title": "Human oversight and determination"
     },
     {
      "id": "ieee_7000",
      "section": "Clause 8",
      "title": "Ethical values elicitation — autonomy and dignity"
     },
     {
      "id": "acm_ethics",
      "section": "§1.1",
      "title": "Contribute to society and human well-being"
     }
    ],
    "sources": [
     {
      "id": "openai_model_spec_2024",
      "title": "OpenAI Model Specification",
      "authority": "OpenAI, L.L.C.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2024",
      "published_on": "2024-05-08",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://cdn.openai.com/spec/model-spec-2024-05-08.html",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "openai_model_spec_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes OpenAI Model Specification requirements informing the apeiris://ethics/controls/HI-02 Human Dignity and Autonomy Preservation control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/HI-02 Human Dignity and Autonomy Preservation control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/HI-02 Human Dignity and Autonomy Preservation control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "meta_llama_responsible_use_2024",
      "title": "Meta Llama Responsible Use Guide",
      "authority": "Meta Platforms, Inc.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2023",
      "published_on": "2023-07-18",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.llama.com/responsible-use-guide/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "meta_llama_responsible_use_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes Meta Llama Responsible Use Guide requirements informing the apeiris://ethics/controls/HI-02 Human Dignity and Autonomy Preservation control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Dignity and autonomy are treated as first-class design constraints enforced through red-team testing for manipulative patterns, output framing review, behavioral dark-pattern prohibition in product requirements, and periodic human-subject evaluation of autonomy impact.",
     "steps": [
      "Establish a prohibited patterns registry covering: deceptive framing, false urgency, social pressure induction, identity-based emotional manipulation, and output designs that obscure user alternatives.",
      "Conduct red-team evaluation of AI system outputs for dignity violations and autonomy-undermining patterns prior to deployment and on a quarterly cadence; use structured scoring rubrics aligned to UNESCO and IEEE 7000 value taxonomies.",
      "Implement output design guidelines requiring that AI-generated recommendations present alternatives, acknowledge uncertainty, and avoid language that forecloses user choice or characterizes individuals in dehumanizing terms.",
      "Measure autonomy-preservation indicators in production via user research: rate of users who report feeling pressured, rate of AI-suggested options accepted without modification, and escalation rate for human review."
     ],
     "ethics_officer": {
      "summary": "Human dignity and autonomy are non-negotiable ethical baselines. The ethics officer sets the prohibited patterns standard, reviews red-team findings, and has authority to require system changes when autonomy-undermining behaviors are identified.",
      "actions": [
       "Maintain and publish the prohibited patterns registry with clear definitions and illustrative examples.",
       "Review red-team reports for dignity and autonomy findings and track remediation to closure.",
       "Establish escalation protocols for product features that are flagged for potential autonomy erosion."
      ],
      "failure_signals": [
       "Red-team findings identifying manipulative patterns not remediated within defined SLA.",
       "User research showing more than 10% of users report feeling pressured or coerced by AI outputs.",
       "Product requirements that explicitly or implicitly optimize for dependency induction."
      ]
     },
     "data_scientist": {
      "summary": "Training data and optimization objectives shape whether a model learns autonomy-preserving or autonomy-undermining behaviors. Data scientists must evaluate datasets for manipulation-inducing patterns and audit objective functions.",
      "actions": [
       "Audit training datasets for behavioral data derived from dark-pattern interfaces or coercive contexts.",
       "Review model optimization objectives to ensure engagement metrics do not proxy for manipulation or dependency.",
       "Implement behavioral probes in model evaluation to detect persuasion-maximizing or autonomy-undermining output tendencies."
      ],
      "failure_signals": [
       "Optimization objectives that correlate with user compliance or dependency metrics.",
       "Evaluation benchmarks that reward persuasion effectiveness without autonomy preservation constraints.",
       "Training data audits not completed before model deployment."
      ]
     },
     "grc_auditor": {
      "summary": "Dignity and autonomy protections are verifiable through design documentation, red-team evidence, and user research data. Auditors assess whether controls are operationally effective, not merely documented.",
      "actions": [
       "Review prohibited patterns registry for completeness and currency against emerging manipulation techniques.",
       "Examine red-team reports and verify findings are tracked to remediation.",
       "Inspect user research results for autonomy-preservation indicators across product lines."
      ],
      "metrics": [
       "Red-team findings remediated within SLA: target 100% of high-severity findings.",
       "User research autonomy-pressure rate: target <5%.",
       "Prohibited patterns registry update frequency: target at least 2 updates per year."
      ],
      "failure_signals": [
       "Red-team program not conducted on production AI systems.",
       "No user research mechanism capturing autonomy-related experience.",
       "Prohibited patterns registry older than 18 months without review."
      ]
     },
     "business_stakeholder": {
      "summary": "Autonomy-preserving AI builds long-term user trust and reduces regulatory exposure. Short-term engagement gains from manipulative design patterns create material liability.",
      "actions": [
       "Ensure product KPIs do not incentivize design choices that undermine user autonomy or dignity.",
       "Include dignity and autonomy review as a standard gate in product feature approval processes.",
       "Track regulatory developments on manipulation prohibition under EU AI Act and DSA and adjust product standards accordingly."
      ],
      "failure_signals": [
       "Engagement KPIs that cannot be achieved without reliance on pressure or manipulation.",
       "Product feature launches that bypass ethics review gates.",
       "No documented response plan for public or regulatory autonomy-related complaints."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "managed",
     "notes": "Most organizations lack systematic testing for autonomy-undermining behaviors; dignity considerations are typically addressed only in reactive content moderation, not proactive design governance."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "multi-tenant"
    ],
    "implementers": [
     "Ethics Office",
     "Product Design",
     "Machine Learning Engineering",
     "Legal Counsel"
    ],
    "frameworks": [
     {
      "framework": "eu_charter",
      "requirement_id": "Art. 1",
      "fit": "direct",
      "rationale": "EU Charter Article 1 establishes the inviolability of human dignity as the foundational right from which all others derive. AI systems that demean individuals or manipulate them without their knowledge or consent directly implicate this provision. The Charter's binding force within EU jurisdictions makes dignity preservation a legal obligation, not merely an ethical aspiration.",
      "normative_force": "binding-law",
      "source_version": "2012/C 326/02",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 5(1)(b)",
      "fit": "direct",
      "rationale": "EU AI Act Article 5(1)(b) prohibits AI systems that exploit vulnerabilities or use subliminal techniques to materially distort behavior in ways that harm users — a direct prohibition on autonomy-undermining manipulation. This control's prohibited patterns registry implements the Article 5 prohibition operationally.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "un_ethics_ai",
      "requirement_id": "¶35–¶36 (Human oversight and determination)",
      "fit": "direct",
      "rationale": "UNESCO Recommendation ¶35–36 (human oversight and determination) require that ultimate human responsibility and determination are preserved in AI-assisted contexts. HI-02's autonomy-preservation and anti-manipulation requirements protect exactly the human determination the Recommendation reserves, and the instrument's adoption by 193 member states gives that expectation broad normative legitimacy.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "Clause 8 (Ethical values elicitation and prioritization)",
      "fit": "direct",
      "rationale": "IEEE 7000-2021 clause 8 (ethical values elicitation and prioritization) requires that stakeholder values — with autonomy and dignity among the core candidates — are explicitly elicited and prioritized as design-time inputs rather than post-hoc considerations. The standard's engineering discipline provides the methodology for operationalizing dignity and autonomy into testable system requirements.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "acm_ethics",
      "requirement_id": "§1.1",
      "fit": "partial",
      "rationale": "ACM Code of Ethics §1.1 requires computing professionals to contribute to human well-being and avoid harm, which includes the design of systems that respect human dignity and autonomy. This principle applies to all practitioners involved in AI system design, training, and deployment.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-06-29",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.1",
      "fit": "partial",
      "rationale": "OECD AI Principle 1.1 calls for AI that respects human rights and democratic values, explicitly including autonomy. The OECD framework's integration into national AI policies across 38+ member nations gives this principle operational weight in procurement and regulatory contexts.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "openai_model_spec",
      "requirement_id": "Stay in bounds — Don't facilitate the targeted manipulation of political views; Seek the truth together",
      "fit": "direct",
      "rationale": "The Model Spec's Stay in bounds rules include a prohibition on facilitating the targeted manipulation of political views, and its Seek the truth together section requires honest, non-deceptive engagement that supports rather than substitutes for user reasoning. Both provisions target the illegitimate-influence harms that HI-02's prohibited patterns registry addresses, providing vendor-level precedent for treating non-manipulation as a threshold behavioral requirement.",
      "normative_force": "best-practice",
      "source_version": "2025-12-18",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goal T3 (Disclosure of AI interaction)",
      "fit": "partial",
      "rationale": "Microsoft Responsible AI Standard v2 transparency requirements mandate that AI systems communicate their nature and limitations honestly, enabling users to make informed decisions rather than deferring uncritically to AI outputs. Human Dignity and Autonomy Preservation's requirement for output design that presents alternatives, acknowledges uncertainty, and avoids language that forecloses user choice directly implements this transparency obligation in the product layer. Microsoft's inclusiveness requirements additionally reinforce the dignity dimension by requiring that AI systems treat all users as persons worthy of respect rather than optimization targets.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to human oversight and feedback mechanisms that keep people in control of AI-mediated outcomes. HI-02's prohibited patterns registry and red-team evaluations detect and remediate autonomy-undermining system behavior, enforcing the user agency that the oversight commitment presupposes.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "meta_llama_rai",
      "requirement_id": "Llama Acceptable Use Policy (separate document)",
      "fit": "partial",
      "rationale": "The Llama Acceptable Use Policy (separate from the Responsible Use Guide) prohibits use of the models to deceive or manipulate individuals, including generating disinformation and misrepresenting AI output as human-generated. HI-02's prohibited patterns registry should carry these license-level prohibitions into product-layer design constraints for Llama-based systems.",
      "normative_force": "best-practice",
      "source_version": "2023",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/HI-02",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "No AI system may be deployed or continue operating if a red-team evaluation has identified unresolved high-severity dignity violations or autonomy-undermining patterns within the control's defined remediation SLA. All production AI systems must have a current red-team evaluation on record (within the prior 90 days), and production user research must show autonomy-pressure indicators below the 5% threshold.",
    "evidence_required": [
     "red_team_evaluation_report per AI system, conducted within the prior 90 days, scored against the dignity and autonomy rubric with all findings categorized by severity and tracked to remediation status",
     "prohibited_patterns_registry document listing current prohibited patterns with definitions, illustrative examples, and most recent review date confirming currency within 18 months",
     "optimization_objective_audit_record demonstrating that model training objectives were reviewed for engagement or dependency metrics that could proxy for manipulation or autonomy-undermining behavior",
     "user_research_results showing autonomy-preservation indicators including percentage of users reporting pressure, rate of AI suggestions accepted without modification, measurement methodology, and sample demographics",
     "remediation_tracker showing all open red-team findings with severity classification, assigned owner, SLA due date, and current resolution status"
    ],
    "machine_tests": [
     "Submit a catalog of 20 dignity-risk test prompts to each production AI system → assert zero outputs match prohibited patterns registry entries across all test cases",
     "Present AI system with a scenario where the user expresses intent to discontinue use → assert system output does not employ urgency language, social pressure framing, or dependency-inducing arguments in response",
     "Run prohibited patterns classifier over production output logs for the prior 30 days → assert flagged output rate is below the defined escalation threshold for each system"
    ],
    "human_review": [
     "Review red-team evaluation reports with ethics officer participation to assess completeness of manipulation scenario coverage and adequacy of remediation plans for all identified findings",
     "Assess whether product KPIs and model optimization objectives in current use incentivize engagement or conversion patterns that correlate with entries in the prohibited patterns registry",
     "Evaluate user research autonomy-pressure results for statistical adequacy and assess whether results above the 5% threshold represent isolated edge cases or systemic design issues requiring intervention"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Conducting red-team evaluation only at initial model release and not on a quarterly cadence, allowing manipulative behaviors introduced by fine-tuning or prompt updates to remain undetected",
     "Defining prohibited patterns solely in terms of explicit harmful outputs without addressing subtle autonomy-undermining patterns such as artificial urgency, false scarcity framing, or dependency-inducing conversational structures",
     "Optimizing model training on user engagement or retention metrics without auditing whether the learned behavior correlates with manipulation or dependency induction as defined in the prohibited patterns registry",
     "Treating autonomy-pressure user research results below 10% as acceptable without investigating whether affected users cluster in vulnerable population categories where lower thresholds should apply",
     "Allowing product requirements to set output tone and conversational framing without ethics review, enabling business-driven design choices to introduce autonomy-undermining patterns that model-level evaluations do not test for"
    ],
    "update_status": "current",
    "layer_code": "HI"
   },
   {
    "id": "HI-03",
    "layer": "HI",
    "plane": "control",
    "name": "Vulnerable Population Protection",
    "plain": "AI systems that interact with, make decisions about, or produce outputs affecting vulnerable populations — including persons with disabilities, elderly individuals, those in financial or emotional distress, individuals with low digital literacy, and others identified through risk assessment — must implement enhanced safeguards proportionate to the heightened harm potential those interactions carry.",
    "threat": {
     "tags": [
      "vulnerability-exploitation",
      "disproportionate-harm",
      "safeguard-bypass",
      "informed-consent-failure"
     ],
     "desc": "Vulnerable populations face amplified harm from AI failures: an elderly person may not recognize manipulative design patterns; a person in crisis may be further destabilized by an insensitive AI response; an individual with cognitive disability may be unable to exercise meaningful rights or seek redress. Standard-design AI systems built for median users systematically underperform for non-median populations, converting statistical edge cases into lived harms."
    },
    "standard": [
     {
      "id": "eu_ai_act",
      "section": "Art. 9(2)(b)",
      "title": "Risk management — heightened protection for vulnerable groups"
     },
     {
      "id": "eu_charter",
      "section": "Art. 26",
      "title": "Integration of persons with disabilities"
     },
     {
      "id": "ieee_7000",
      "section": "Clause 10",
      "title": "Ethical risk-based design — differential impact on non-median populations"
     },
     {
      "id": "nist_rmf",
      "section": "MEASURE 2.11",
      "title": "Fairness and bias measurement for affected populations"
     }
    ],
    "sources": [
     {
      "id": "openai_model_spec_2024",
      "title": "OpenAI Model Specification",
      "authority": "OpenAI, L.L.C.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2024",
      "published_on": "2024-05-08",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://cdn.openai.com/spec/model-spec-2024-05-08.html",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "openai_model_spec_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes OpenAI Model Specification requirements informing the apeiris://ethics/controls/HI-03 Vulnerable Population Protection control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/HI-03 Vulnerable Population Protection control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/HI-03 Vulnerable Population Protection control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "ibm_ai_fairness_360_2021",
      "title": "IBM AI Fairness 360 (AIF360)",
      "authority": "IBM Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2018",
      "published_on": "2018-09-19",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://github.com/Trusted-AI/AIF360",
      "license": "open-source-apache2",
      "status": "current",
      "flagship": false,
      "source_id": "ibm_ai_fairness_360_2021",
      "relationship": "informative_reference",
      "rationale": "Establishes IBM AI Fairness 360 (AIF360) requirements informing the apeiris://ethics/controls/HI-03 Vulnerable Population Protection control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "meta_llama_responsible_use_2024",
      "title": "Meta Llama Responsible Use Guide",
      "authority": "Meta Platforms, Inc.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2023",
      "published_on": "2023-07-18",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.llama.com/responsible-use-guide/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "meta_llama_responsible_use_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes Meta Llama Responsible Use Guide requirements informing the apeiris://ethics/controls/HI-03 Vulnerable Population Protection control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "A vulnerability impact assessment layer is integrated into the AI risk management process: systems are scored on vulnerability exposure (which vulnerable populations are in-scope, at what frequency, with what decision stakes), and higher scores trigger mandatory enhanced safeguards including slower processing, human review gates, simplified communication options, and enhanced consent flows.",
     "steps": [
      "Define and maintain a vulnerability taxonomy covering at minimum: minors, elderly (65+), persons with cognitive or sensory disabilities, individuals in acute financial distress, individuals in mental health crisis, and persons with limited digital literacy; map each category to relevant heightened harm vectors.",
      "Conduct vulnerability impact screening during system design: identify which vulnerable population categories are in scope for each AI system, estimate exposure frequency, and assign a vulnerability risk score that triggers proportionate enhanced-safeguard requirements.",
      "Implement enhanced safeguards for systems with non-trivial vulnerability exposure: simplified language options, extended processing time, mandatory human review for high-stakes decisions, accessible interface alternatives meeting WCAG 2.1 AA minimum, and crisis detection with appropriate escalation pathways.",
      "Conduct user testing with representative members of identified vulnerable groups before deployment and annually in production, measuring comprehension, consent quality, ability to exercise rights, and satisfaction with interaction design."
     ],
     "ethics_officer": {
      "summary": "Vulnerable population protection requires explicit design attention, not reliance on universal-design adequacy. The ethics officer ensures vulnerability impact screening is conducted rigorously and that enhanced safeguards are proportionate and effective.",
      "actions": [
       "Maintain and update the vulnerability taxonomy based on emerging research and regulatory guidance.",
       "Review vulnerability impact screening results for all new AI systems and enforce enhanced safeguard requirements.",
       "Ensure user testing with vulnerable populations is conducted by qualified researchers using appropriate ethical protocols."
      ],
      "failure_signals": [
       "Systems with known vulnerable-population exposure deployed without completed vulnerability impact screening.",
       "Enhanced safeguards not implemented for systems with high vulnerability risk scores.",
       "User testing conducted without representative vulnerable population participants."
      ]
     },
     "data_scientist": {
      "summary": "Training data and evaluation sets must adequately represent vulnerable populations. Models trained on majority-population data systematically underperform for edge populations — an artifact that disproportionate-harm risk management must address.",
      "actions": [
       "Audit training and evaluation datasets for representation of identified vulnerable population categories.",
       "Evaluate model performance separately for each vulnerable population category and document performance gaps.",
       "Implement bias mitigation techniques when evaluation reveals performance disparities exceeding defined thresholds."
      ],
      "failure_signals": [
       "Model evaluations that do not disaggregate performance by vulnerable population categories.",
       "Known performance gaps for vulnerable populations not addressed before deployment.",
       "Training data with systematic underrepresentation of vulnerable population samples."
      ]
     },
     "grc_auditor": {
      "summary": "Vulnerable population protections must be verifiable through documented screening, safeguard implementation evidence, and user testing results — not asserted through policy alone.",
      "actions": [
       "Request vulnerability impact screening records for all production AI systems and verify completeness.",
       "Inspect enhanced safeguard implementations for systems with high vulnerability risk scores.",
       "Review user testing protocols and results for evidence that vulnerable population participants were included."
      ],
      "metrics": [
       "Vulnerability impact screening completion rate: target 100% of new AI systems.",
       "Enhanced safeguard implementation rate for high-risk-score systems: target 100%.",
       "Accessible interface compliance (WCAG 2.1 AA): target 100% of user-facing systems."
      ],
      "failure_signals": [
       "Systems deployed without vulnerability impact screening documentation.",
       "High-vulnerability-risk systems lacking documented enhanced safeguard implementations.",
       "No user testing evidence involving vulnerable population participants."
      ]
     },
     "business_stakeholder": {
      "summary": "Failure to protect vulnerable populations creates regulatory exposure, litigation risk, and reputational damage. Proactive safeguards are materially cheaper than reactive remediation.",
      "actions": [
       "Ensure vulnerable population considerations are included in product scope definitions and launch checklists.",
       "Allocate resources for accessible design and user testing with diverse populations as standard budget line items.",
       "Establish escalation pathways for product teams that identify vulnerable population risks during development."
      ],
      "failure_signals": [
       "Accessible design treated as post-launch backlog rather than launch requirement.",
       "User testing budgets that exclude representative vulnerable population participants.",
       "No business owner accountability for vulnerable population harm incidents."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Vulnerability impact assessment as a distinct AI risk management step is rare; most organizations rely on general fairness assessments that do not adequately capture non-majority population harm patterns."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "multi-tenant"
    ],
    "implementers": [
     "Ethics Office",
     "Product Design",
     "Data Science",
     "Accessibility Engineering"
    ],
    "frameworks": [
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 9(2)(b)",
      "fit": "direct",
      "rationale": "EU AI Act Article 9(2)(b) explicitly requires that risk management measures account for the reasonably foreseeable misuse and the heightened vulnerability of specific groups, including children and persons with disabilities. This control operationalizes that requirement through structured vulnerability screening and proportionate safeguard implementation.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "eu_charter",
      "requirement_id": "Art. 26",
      "fit": "direct",
      "rationale": "EU Charter Article 26 establishes the right of persons with disabilities to integration and participation. AI systems that fail to implement accessible design and adequate safeguards for users with disabilities violate this charter right. The control's WCAG compliance requirement directly implements the charter's integration mandate.",
      "normative_force": "binding-law",
      "source_version": "2012/C 326/02",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "Clause 10 (Ethical risk-based design)",
      "fit": "direct",
      "rationale": "IEEE 7000-2021 clause 10's ethical risk-based design process requires assessing the risks of value violations for affected stakeholder groups, which includes populations whose circumstances differ from the median user. The control's vulnerability impact scoring methodology adapts this risk-based approach into a practical protection instrument for vulnerable populations.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "MEASURE 2.11",
      "fit": "direct",
      "rationale": "NIST AI RMF MEASURE 2.11 requires that fairness and bias are evaluated and results demonstrated, including disaggregated analysis across affected subpopulations. The control's requirement for separate model performance evaluation by vulnerable population category directly implements this measure.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "un_ethics_ai",
      "requirement_id": "¶28–¶30 (Fairness and non-discrimination)",
      "fit": "partial",
      "rationale": "UNESCO Recommendation ¶28–30 (fairness and non-discrimination) call for inclusive approaches that prevent discriminatory or biased outcomes, with particular attention to marginalized and vulnerable persons. HI-03's vulnerability taxonomy and proportionate safeguard requirements respond to that mandate where general fairness principles alone are insufficient.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "openai_model_spec",
      "requirement_id": "Stay in bounds — Try to prevent imminent real-world harm",
      "fit": "partial",
      "rationale": "The Model Spec's harm-prevention rules in Stay in bounds, together with its dedicated Under-18 Principles section, recognize that acceptable model behavior depends on the vulnerability of the affected user. HI-03's requirement for safeguards proportionate to heightened harm potential applies the same logic at the deployment level, extending vendor-level protections into organizational vulnerability screening and enhanced safeguards.",
      "normative_force": "best-practice",
      "source_version": "2025-12-18",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goal I1 (Inclusiveness — accessibility standards)",
      "fit": "direct",
      "rationale": "Microsoft Responsible AI Standard v2 inclusiveness requirements explicitly mandate that AI systems be designed to serve all people equitably, including those who are often underserved or at heightened risk — which encompasses the vulnerable population categories that Vulnerable Population Protection defines in its taxonomy. The standard's requirement for testing with diverse populations aligns with this control's mandatory user testing with representative vulnerable population participants before deployment and annually in production. Microsoft's impact assessment framework additionally requires that vulnerability and accessibility gaps be identified and mitigated before deployment authorization, paralleling this control's vulnerability impact screening gate.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — mitigating unintended or harmful outcomes and avoiding unfair bias",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to mitigating unintended or harmful outcomes and avoiding unfair bias — including the systematic underperformance that majority-trained systems exhibit for non-majority groups. HI-03's vulnerability impact scoring, disaggregated performance evaluation, and enhanced safeguards operationalize that commitment for populations with heightened exposure to harm.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "ibm_ai_fairness",
      "requirement_id": "Subgroup fairness metrics and bias mitigation algorithms",
      "fit": "partial",
      "rationale": "AIF360 computes fairness metrics disaggregated by specified groups, which HI-03 uses to evaluate model performance separately for vulnerable population categories and to trigger mitigation when gaps exceed thresholds. The toolkit's mitigation algorithms (reweighing, adversarial debiasing) provide remediation options when disparities are found.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "meta_llama_rai",
      "requirement_id": "Responsible AI considerations (fairness and inclusion)",
      "fit": "partial",
      "rationale": "The Responsible Use Guide's responsible AI considerations address fairness and inclusion in LLM products, recommending evaluation of how systems perform for different user populations and mitigation where performance or safety differs. HI-03's vulnerability taxonomy and disaggregated performance requirements operationalize those considerations for populations with heightened exposure to harm.",
      "normative_force": "best-practice",
      "source_version": "2023",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/HI-03",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "Every AI system in production must have a completed vulnerability impact screening record identifying which vulnerable population categories are in scope, their exposure frequency, and the resulting vulnerability risk score. All systems scoring above the defined threshold must have documented and verified enhanced safeguards implemented, and user testing results from representative vulnerable population participants must be on file prior to deployment and refreshed within 12 months.",
    "evidence_required": [
     "vulnerability_impact_screening_record per AI system listing all vulnerable population categories assessed, exposure frequency estimates, vulnerability risk score, and scoring rationale, with completion date before initial deployment",
     "enhanced_safeguard_implementation_record for each system scoring above the vulnerability risk threshold, documenting each required safeguard (simplified language options, WCAG 2.1 AA compliance, human review gates for high-stakes decisions, crisis detection and escalation pathways) with implementation verification evidence",
     "user_testing_results from sessions conducted with representative members of each identified vulnerable population category including comprehension scores, consent quality observations, and rights-exercise assessments",
     "model_performance_disaggregation_report showing evaluation metrics separately for each vulnerable population category with identified performance gaps and applied bias mitigation measures",
     "wcag_compliance_audit_report for all user-facing interfaces confirming WCAG 2.1 AA conformance or documenting known exceptions with assigned remediation timelines"
    ],
    "machine_tests": [
     "Submit test inputs representing vulnerable population interaction patterns (crisis language indicators, simplified vocabulary requests, screen reader navigation) → assert the system activates the appropriate response pathway (crisis escalation, simplified language mode, or human review gate) for each category",
     "Run WCAG 2.1 AA automated accessibility scan on all user-facing AI system interfaces → assert zero critical accessibility violations and that any moderate violations have associated remediation tickets",
     "Query vulnerability impact screening registry against the AI system inventory → assert 100% of production systems have a screening record with a completion date prior to their initial deployment date"
    ],
    "human_review": [
     "Conduct user testing with at least five representative members of each identified vulnerable population category and evaluate comprehension of AI outputs, ease of consent withdrawal, and ability to locate and use human review pathways",
     "Review model performance disaggregation report to determine whether performance gaps for vulnerable population categories exceed acceptable thresholds and verify that bias mitigation measures were applied and re-evaluated post-mitigation",
     "Verify that crisis detection and escalation pathways for mental health and financial distress scenarios are implemented, functionally tested, and connected to appropriate human support resources"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Conducting vulnerability impact screening as a generic stakeholder analysis that lists population groups without assigning exposure frequencies or risk scores, producing documentation that does not differentiate safeguard requirements",
     "Treating WCAG accessibility compliance as the entirety of vulnerable population protection without addressing the distinct safeguard needs of populations at risk for manipulation, crisis harm, or financial exploitation",
     "Using aggregate fairness evaluation metrics without separately analyzing performance for each defined vulnerable population category, allowing systematic underperformance for specific groups to be masked by acceptable overall metrics",
     "Deploying AI systems with crisis-language exposure without implementing escalation pathways connected to human support resources, relying instead on generic disclaimers about seeking professional help",
     "Conducting user testing exclusively with majority-population convenience samples and recording vulnerable population testing as planned without evidence of completion before production deployment"
    ],
    "update_status": "current",
    "layer_code": "HI"
   },
   {
    "id": "HI-04",
    "layer": "HI",
    "plane": "control",
    "name": "Human Oversight and Override Mechanisms",
    "plain": "AI systems deployed in consequential decision contexts must provide qualified human operators with meaningful oversight capability and effective override authority — ensuring that human judgment can be exercised, that AI outputs are clearly distinguished from operator decisions, and that override actions are logged and traceable.",
    "threat": {
     "tags": [
      "automation-bias",
      "override-circumvention",
      "accountability-diffusion",
      "meaningful-oversight-failure"
     ],
     "desc": "Automation bias causes human operators to defer uncritically to AI outputs, rendering nominally human-in-the-loop processes functionally AI-decided. Systems that present outputs as recommendations while making override economically or procedurally costly effectively remove human oversight. When AI errors occur in these contexts, accountability is diffused across human and machine actors in ways that leave harmed individuals without meaningful recourse."
    },
    "standard": [
     {
      "id": "eu_ai_act",
      "section": "Art. 14",
      "title": "Human oversight requirements for high-risk AI systems"
     },
     {
      "id": "nist_rmf",
      "section": "GOVERN 3.2",
      "title": "Roles and responsibilities for human-AI oversight configurations"
     },
     {
      "id": "iso_42001",
      "section": "§8.4",
      "title": "Human oversight in AI operational controls"
     },
     {
      "id": "ieee_7000",
      "section": "Clause 7",
      "title": "Context exploration — human agency in system design"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/HI-04 Human Oversight and Override Mechanisms control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "openai_model_spec_2024",
      "title": "OpenAI Model Specification",
      "authority": "OpenAI, L.L.C.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2024",
      "published_on": "2024-05-08",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://cdn.openai.com/spec/model-spec-2024-05-08.html",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "openai_model_spec_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes OpenAI Model Specification requirements informing the apeiris://ethics/controls/HI-04 Human Oversight and Override Mechanisms control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/HI-04 Human Oversight and Override Mechanisms control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "A meaningful human oversight framework defines, for each AI system in a consequential decision context: the qualified overseer role, the information provided to enable informed review, the friction-free pathway for override, the logging requirements for both AI recommendations and human decisions, and the metrics used to detect automation bias drift.",
     "steps": [
      "Classify all AI systems by consequentiality tier (advisory/significant/critical) and assign mandatory oversight requirements proportionate to tier: critical systems require affirmative human authorization of each decision; significant systems require human review with logged disposition; advisory systems require periodic audit of override rates.",
      "Design interfaces for human oversight to avoid automation-bias-inducing patterns: present AI confidence levels and uncertainty ranges prominently, surface key factors driving the AI recommendation, provide a clearly accessible override pathway that does not require justification for use, and distinguish AI-generated content from operator-entered content unambiguously.",
      "Implement comprehensive logging of AI recommendations, human dispositions (accepted/modified/rejected), and override rationales where provided; retain logs for audit and post-incident review consistent with applicable retention policies.",
      "Monitor override rate trends over time: establish baseline expected override rates, alert when rates drop below thresholds suggesting automation bias, and trigger oversight process review when sustained low-override patterns are detected."
     ],
     "ethics_officer": {
      "summary": "Meaningful human oversight is not achieved by inserting a human step; it requires that the human can and does exercise genuine judgment. The ethics officer monitors for automation bias indicators and ensures oversight processes are substantively effective.",
      "actions": [
       "Review consequentiality tier classifications and oversight requirement assignments for all production AI systems.",
       "Analyze override rate data across systems and escalate patterns suggesting automation bias for operational review.",
       "Evaluate interface designs for consequential AI systems against automation-bias-avoidance criteria."
      ],
      "failure_signals": [
       "Override rates near zero for systems where non-trivial error rates are expected.",
       "Interface designs that present AI outputs without confidence levels or uncertainty disclosure.",
       "Consequential AI systems without logged disposition records."
      ]
     },
     "data_scientist": {
      "summary": "Override rate data is a behavioral signal about model performance and human-AI interaction quality. Data scientists use this data to improve model calibration and identify failure modes the evaluation suite missed.",
      "actions": [
       "Analyze override data to identify systematic error patterns the AI system exhibits that human operators detect and correct.",
       "Calibrate model confidence outputs so that stated confidence correlates reliably with actual accuracy, enabling meaningful use by human overseers.",
       "Feed override decisions and rationales back into model improvement processes where appropriate and where data governance permits."
      ],
      "failure_signals": [
       "Model confidence outputs that are systematically overconfident beyond acceptable calibration error threshold.",
       "Override data not analyzed for systematic model failure patterns.",
       "No feedback loop between override decisions and model improvement."
      ]
     },
     "grc_auditor": {
      "summary": "Human oversight obligations under EU AI Act Art. 14 are auditable through system design documentation, interface review, logging evidence, and override rate analysis.",
      "actions": [
       "Review consequentiality tier classification methodology and verify all high-risk systems are appropriately classified.",
       "Inspect AI decision interfaces for automation-bias-avoidance design features.",
       "Analyze override rate trends and verify that below-threshold rates trigger documented review processes."
      ],
      "metrics": [
       "Consequentiality tier classification coverage: target 100% of production AI systems.",
       "Systems with override logging implemented: target 100% of significant and critical tier systems.",
       "Override rate monitoring alert response rate: target 100% of alerts trigger documented review within 30 days."
      ],
      "failure_signals": [
       "Significant or critical-tier systems without override logging.",
       "Override rates near zero with no documented automation bias investigation.",
       "Interface designs that have not been reviewed against automation-bias criteria."
      ]
     },
     "business_stakeholder": {
      "summary": "Human oversight is a regulatory requirement for high-risk AI and a liability management tool. Documented override processes demonstrate due diligence when AI-related harms are reviewed.",
      "actions": [
       "Ensure operational processes assign named human overseers for consequential AI systems with clear accountability.",
       "Include override rate monitoring in operational reporting for AI-assisted decision processes.",
       "Escalate sustained low-override rate alerts to senior leadership as a governance signal."
      ],
      "failure_signals": [
       "Consequential AI decisions without assigned human oversight accountability.",
       "Override rate data not included in operational governance reporting.",
       "Human oversight steps treated as compliance theater rather than substantive decision participation."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "managed",
     "notes": "Most enterprises have nominal human-in-the-loop designs without the automation-bias monitoring or override friction analysis needed to verify meaningful oversight in practice."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise"
    ],
    "implementers": [
     "Ethics Office",
     "Platform Engineering",
     "Operations",
     "Compliance Team"
    ],
    "frameworks": [
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 14",
      "fit": "direct",
      "rationale": "EU AI Act Article 14 mandates that high-risk AI systems be designed to allow effective human oversight, including the ability to understand capabilities and limitations, detect and address malfunctions, and override or interrupt system outputs. This control operationalizes each of these requirements through tier-based oversight design and automation-bias monitoring.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "GOVERN 3.2",
      "fit": "direct",
      "rationale": "NIST AI RMF GOVERN 3.2 requires policies and procedures that define and differentiate roles and responsibilities for human-AI configurations and oversight of AI systems. The control's consequentiality tiers, override authority, and disposition logging implement exactly that oversight governance.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§8.4",
      "fit": "direct",
      "rationale": "ISO/IEC 42001 §8.4 requires operational controls for AI systems to include human oversight mechanisms appropriate to the system's risk level. The control's consequentiality tier framework maps directly to this proportionality requirement.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "Clause 7 (Concept of operations and context exploration)",
      "fit": "partial",
      "rationale": "IEEE 7000-2021 clause 7's context exploration includes analyzing how humans and the system will interact in the operational context, surfacing where human agency and decision authority must be preserved. The control's automation-bias-avoidance interface design criteria implement that human-agency analysis in deployed oversight mechanisms.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goal A5 (Human oversight and control)",
      "fit": "partial",
      "rationale": "Microsoft Responsible AI Standard v2 Goal A5 (human oversight and control) requires that consequential AI systems maintain clear human accountability for decisions and that oversight and override mechanisms be implemented and tested. This industry standard reinforces the control's practical implementation requirements.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "openai_model_spec",
      "requirement_id": "The chain of command",
      "fit": "partial",
      "rationale": "The Model Spec's chain of command is an explicit control hierarchy — platform, then operator, then user instructions — designed so that humans retain authority over model behavior at every level, with the spec framing safe behavior as remaining correctable and controllable. HI-04's oversight and override mechanisms build the institutional layer through which that human control is actually exercised in enterprise deployments.",
      "normative_force": "best-practice",
      "source_version": "2025-12-18",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit expressly to appropriate human oversight of AI. HI-04 implements that commitment institutionally — consequentiality tiers, override authority with logged dispositions, and automation-bias monitoring that detects when human review has degraded to rubber-stamping.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "owasp_ai_exchange",
      "requirement_id": "oversight",
      "fit": "direct",
      "rationale": "Both require a human operator to review and be able to override AI recommendations, with HI-04 mandating logged override disposition records for significant/critical-tier systems.",
      "normative_force": "industry-framework",
      "source_version": "continuously-updated",
      "reviewed_on": "2026-07-08",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "mitre",
      "requirement_id": "AML.M0020",
      "fit": "supporting",
      "direction": "control-supports-requirement",
      "rationale": "Control \"All AI systems classified as significant or critical consequentiality tier must have…\" enacts ATLAS mitigation AML.M0020 Generative AI Guardrails; OpenCRE crosswalks this control’s OWASP AI Exchange concept (oversight) to this mitigation.",
      "source_version": "v2026.06",
      "reviewed_on": "2026-07-08",
      "source_status": "authoritative",
      "mapping_confidence": "medium",
      "legal_status": "not-applicable",
      "control_readiness": "approved",
      "implementation_maturity": "developing",
      "assurance_result": "not-assessed",
      "evidence_status": "no-evidence",
      "normative_force": "industry-framework",
      "basis": "asserted",
      "relation": "equivalent_to",
      "correction": "ap38-opencre-enhancement 2026-07-08"
     },
     {
      "framework": "mitre",
      "requirement_id": "AML.M0029",
      "fit": "supporting",
      "direction": "control-supports-requirement",
      "rationale": "Control \"All AI systems classified as significant or critical consequentiality tier must have…\" enacts ATLAS mitigation AML.M0029 Human In-the-Loop for AI Agent Actions; OpenCRE crosswalks this control’s OWASP AI Exchange concept (oversight) to this mitigation.",
      "source_version": "v2026.06",
      "reviewed_on": "2026-07-08",
      "source_status": "authoritative",
      "mapping_confidence": "medium",
      "legal_status": "not-applicable",
      "control_readiness": "approved",
      "implementation_maturity": "developing",
      "assurance_result": "not-assessed",
      "evidence_status": "no-evidence",
      "normative_force": "industry-framework",
      "basis": "asserted",
      "relation": "equivalent_to",
      "correction": "ap38-opencre-enhancement 2026-07-08"
     },
     {
      "framework": "mitre",
      "requirement_id": "AML.M0030",
      "fit": "supporting",
      "direction": "control-supports-requirement",
      "rationale": "Control \"All AI systems classified as significant or critical consequentiality tier must have…\" enacts ATLAS mitigation AML.M0030 Restrict AI Agent Tool Invocation on Untrusted Data; OpenCRE crosswalks this control’s OWASP AI Exchange concept (oversight) to this mitigation.",
      "source_version": "v2026.06",
      "reviewed_on": "2026-07-08",
      "source_status": "authoritative",
      "mapping_confidence": "medium",
      "legal_status": "not-applicable",
      "control_readiness": "approved",
      "implementation_maturity": "developing",
      "assurance_result": "not-assessed",
      "evidence_status": "no-evidence",
      "normative_force": "industry-framework",
      "basis": "asserted",
      "relation": "equivalent_to",
      "correction": "ap38-opencre-enhancement 2026-07-08"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/HI-04",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "All AI systems classified as significant or critical consequentiality tier must have override logging implemented and producing verifiable disposition records for every AI recommendation reviewed by a human operator. Override rate monitoring must be active and generating alerts when rates fall below defined thresholds, and every alert must trigger a documented review response within 30 days.",
    "evidence_required": [
     "consequentiality_tier_classification_record for every production AI system documenting the assigned tier (advisory/significant/critical), classification rationale, and mandatory oversight requirements that tier triggers",
     "override_audit_log for significant and critical tier systems showing AI recommendations, human dispositions (accepted/modified/rejected), override rationale where provided, and timestamps covering the prior 90 days",
     "override_rate_monitoring_report showing per-system trend data, defined threshold levels, alerts triggered in the prior 12 months, and documented investigation responses with completion dates",
     "interface_design_review_record confirming evaluation of the AI decision interface against automation-bias-avoidance criteria: confidence levels displayed, uncertainty ranges shown, override pathway accessible without additional navigation, AI-generated content distinguished from operator-entered content",
     "human_overseer_assignment_record naming the qualified overseer role for each significant and critical tier AI system with accountability documentation and training evidence"
    ],
    "machine_tests": [
     "Submit 10 AI recommendations in a significant-tier test environment and record human dispositions → assert all 10 generate disposition log entries with recommendation_id, human_decision, disposition_type, and timestamp fields populated",
     "Simulate override rate at 0% for 14 consecutive days in a significant-tier system → assert monitoring system generates an alert and routes notification to the ethics officer and system owner within the configured alert window",
     "Render the AI decision interface in a test environment → assert confidence level display, uncertainty range indicator, and override control are present and accessible on the primary decision view without additional navigation steps"
    ],
    "human_review": [
     "Review override rate trend data for all significant and critical tier systems over the prior 12 months and identify any sustained periods below the automation-bias threshold that did not produce a documented investigation response",
     "Evaluate the AI decision interface for a consequential system against a structured automation-bias-avoidance checklist, assessing whether AI outputs are visually distinguished from operator-entered content and whether the override pathway imposes procedural friction that could discourage use",
     "Verify that human overseers are qualified for their assigned consequential AI systems by reviewing role definitions, training records, and whether the oversight interface provides sufficient information to support an informed independent judgment"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Classifying all AI systems as advisory tier to avoid triggering logging and oversight requirements regardless of the actual consequentiality of the AI-influenced decisions in practice",
     "Implementing a human-in-the-loop step that requires the operator to click accept before execution without logging the disposition or monitoring whether overrides ever occur, making meaningful oversight unverifiable",
     "Displaying AI recommendations in a UI that visually dominates the human entry field and positions the AI suggestion as the default, creating procedural friction for override without technically prohibiting it",
     "Monitoring override rates only in aggregate across all systems rather than per system, allowing automation bias in high-stakes individual systems to be masked by healthy override rates elsewhere in the portfolio",
     "Treating override rate alerts as informational notifications to an email distribution list rather than as governance signals requiring documented investigation responses within a defined SLA"
    ],
    "update_status": "current",
    "layer_code": "HI"
   },
   {
    "id": "HI-05",
    "layer": "HI",
    "plane": "control",
    "name": "Remedy and Redress Mechanisms",
    "plain": "Individuals harmed by AI system errors, discriminatory outputs, or rights violations must have access to meaningful, accessible, and timely remediation pathways — including the ability to challenge AI decisions, obtain human review of contested outputs, and receive appropriate remedy where harm is confirmed.",
    "threat": {
     "tags": [
      "remedy-inaccessibility",
      "accountability-evasion",
      "rights-without-recourse",
      "harm-perpetuation"
     ],
     "desc": "AI systems that generate harmful outputs without accessible challenge and remedy mechanisms perpetuate harm indefinitely: an individual incorrectly denied credit, flagged as a fraud risk, or misidentified has no practical way to correct the record or receive compensation. The speed and scale of AI-generated decisions mean harms accumulate faster than manual remediation processes can address. Organizations that design remedy mechanisms to be difficult to access effectively immunize themselves from accountability while retaining the efficiency benefits of automated decision-making."
    },
    "standard": [
     {
      "id": "eu_ai_act",
      "section": "Art. 85",
      "title": "Right to explanation and redress for affected persons"
     },
     {
      "id": "eu_charter",
      "section": "Art. 47",
      "title": "Right to an effective remedy and to a fair trial"
     },
     {
      "id": "oecd_ai_principles",
      "section": "Principle 1.3",
      "title": "Rule of law and access to justice"
     },
     {
      "id": "iso_42001",
      "section": "§9.1",
      "title": "Monitoring, measurement, and complaint handling"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/HI-05 Remedy and Redress Mechanisms control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/HI-05 Remedy and Redress Mechanisms control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "A tiered remedy framework is implemented for each AI system: first-tier self-service challenge via a clearly accessible mechanism; second-tier human review by a person with authority to reverse the AI decision; third-tier formal escalation with external oversight availability. All tiers are subject to defined response time SLAs, documented outcome tracking, and root-cause analysis for high-volume complaint patterns.",
     "steps": [
      "Design and implement a challenge mechanism for each AI system that makes consequential decisions about individuals: the mechanism must be discoverable without technical knowledge, accessible to persons with disabilities, operable without requiring legal representation, and available in the languages of the user population served.",
      "Staff and train human reviewers with authority to reverse AI-generated decisions upon challenge; define response time SLAs by decision severity (5 business days for financial decisions, 24 hours for safety-relevant decisions); document reviewer qualifications and independence from the original decision process.",
      "Implement a case management system tracking all challenges from intake through resolution, capturing: decision type, challenge basis, reviewer decision, resolution time, and remedy provided; use this data to identify systematic AI errors driving disproportionate challenge volumes.",
      "Establish a root-cause analysis protocol triggered when challenge volume for a specific decision type exceeds a defined threshold, requiring investigation of the underlying AI system and remediation of systemic errors."
     ],
     "ethics_officer": {
      "summary": "Accessible remedy is an ethical obligation, not a legal formality. The ethics officer ensures remedy mechanisms are genuinely usable, that reviewers are independent, and that root-cause analysis drives systemic improvement rather than per-case closure.",
      "actions": [
       "Conduct annual accessibility reviews of challenge mechanisms across all consequential AI systems.",
       "Review remedy case management data for patterns indicating systematic AI failures.",
       "Escalate to leadership when challenge volumes suggest a systemic AI error requiring product remediation."
      ],
      "failure_signals": [
       "Challenge mechanisms not accessible to users with disabilities.",
       "Challenge mechanisms not prominently disclosed in AI-generated decision communications.",
       "Root-cause analysis not triggered despite elevated challenge volumes."
      ]
     },
     "legal_counsel": {
      "summary": "EU AI Act Art. 85 and GDPR Art. 22 create legally enforceable remedy rights. Legal must ensure the organization's remedy framework satisfies these obligations and that remedy processes create appropriate documentation for litigation and regulatory inquiry.",
      "actions": [
       "Review remedy mechanism design for compliance with EU AI Act Art. 85, GDPR Art. 22, and applicable sectoral laws.",
       "Ensure challenge processes generate records sufficient to demonstrate due process in regulatory investigations.",
       "Advise on remedy scope — what forms of remedy (reversal, compensation, apology) are legally required versus discretionary."
      ],
      "failure_signals": [
       "Remedy processes that do not meet GDPR Art. 22 human review requirements for automated decision-making.",
       "Inadequate records of challenge dispositions for regulatory evidence purposes.",
       "Remedy scope limited to reversal without compensation assessment where compensation is legally required."
      ]
     },
     "grc_auditor": {
      "summary": "Remedy and redress obligations are auditable through accessibility assessments, case management records, SLA compliance data, and root-cause analysis documentation.",
      "actions": [
       "Test challenge mechanism accessibility and discoverability for a sample of consequential AI systems.",
       "Review case management system records for SLA compliance rates and outcome distribution.",
       "Verify that root-cause analysis protocols are triggered and documented when thresholds are exceeded."
      ],
      "metrics": [
       "Challenge mechanism accessibility compliance (WCAG 2.1 AA): target 100% of systems.",
       "Human review SLA compliance rate: target at least 95%.",
       "Root-cause analysis trigger compliance: target 100% of threshold-exceeding events."
      ],
      "failure_signals": [
       "Challenge mechanisms failing accessibility testing.",
       "SLA compliance rates below 90%.",
       "No root-cause analysis records despite challenge volume spikes."
      ]
     },
     "business_stakeholder": {
      "summary": "Accessible remedy reduces litigation exposure, regulatory penalties, and reputational damage. Organizations that make challenges easy to resolve demonstrate good faith that mitigates enforcement risk.",
      "actions": [
       "Include remedy mechanism implementation in product launch requirements for consequential AI systems.",
       "Report challenge volumes, resolution rates, and SLA compliance in AI governance reporting.",
       "Treat elevated challenge volumes as product quality signals requiring investment in AI system improvement."
      ],
      "failure_signals": [
       "Remedy mechanism implementation treated as a post-launch backlog item.",
       "Challenge data not reported in governance oversight forums.",
       "Business resistance to root-cause-driven AI system remediation when challenge volumes indicate systemic failures."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Most AI-deploying organizations do not have formal remedy frameworks; challenge mechanisms where they exist are ad hoc, poorly accessible, and disconnected from root-cause improvement processes."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise"
    ],
    "implementers": [
     "Ethics Office",
     "Legal Counsel",
     "Customer Operations",
     "Product Management"
    ],
    "frameworks": [
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 85",
      "fit": "direct",
      "rationale": "EU AI Act Article 85 provides affected persons with the right to explanation for and redress of decisions made by high-risk AI systems. This control implements the institutional infrastructure — challenge mechanisms, human review, case management — necessary to make that right effective rather than nominal.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "eu_charter",
      "requirement_id": "Art. 47",
      "fit": "direct",
      "rationale": "EU Charter Article 47 guarantees the right to an effective remedy before a tribunal for rights violations. AI-generated decisions that affect charter rights must be subject to challenge mechanisms that meet the effectiveness standard the Charter requires — this control's tiered framework and SLA requirements implement that standard.",
      "normative_force": "binding-law",
      "source_version": "2012/C 326/02",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.3",
      "fit": "direct",
      "rationale": "OECD AI Principle 1.3 requires AI systems to respect the rule of law, which includes access to justice and effective remedy. The OECD framework's remediation requirements provide international normative grounding for the control's implementation beyond EU jurisdictions.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§9.1",
      "fit": "partial",
      "rationale": "ISO/IEC 42001 §9.1 requires monitoring and measurement of AI system performance, including tracking of complaints and incidents. The case management system and root-cause analysis protocols in this control implement the performance monitoring and improvement requirements of the standard.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "MANAGE 4.1",
      "fit": "partial",
      "rationale": "NIST AI RMF MANAGE 4.1 requires post-deployment monitoring plans that include mechanisms for capturing and evaluating input from users and other AI actors, appeal and override, and incident response. HI-05's challenge mechanisms, human review authority, and case management implement the appeal-and-override component of this subcategory.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goal A5 (Human oversight and control); Goal RS3 (Ongoing monitoring, feedback, and evaluation)",
      "fit": "partial",
      "rationale": "Microsoft Responsible AI Standard v2 accountability goals require that organizations provide individuals with clear mechanisms for feedback, challenge, and recourse when AI systems cause harm or produce incorrect decisions affecting them. Remedy and Redress Mechanisms implements precisely this accountability obligation through tiered challenge pathways, human review authority with defined qualifications and independence requirements, case management systems, and SLA-bound response commitments. Microsoft's requirement for named human accountability over AI decisions maps to this control's human reviewer authorization structure and oversight independence requirements.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to feedback mechanisms for those affected by AI systems. HI-05's remedy and redress framework — accessible challenge channels, time-bound human review, and root-cause analysis — is the mechanism that makes feedback consequential rather than nominal when AI outputs are harmful or wrong.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/HI-05",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "The AI system must have an accessible, multi-tier challenge and remedy mechanism for every consequential decision, with documented human reviewers holding authority to reverse AI decisions, SLA-bound response times, and a case management system tracking all challenges to resolution. A passing state requires zero consequential AI systems without a discoverable challenge mechanism and human-review SLA compliance rates at or above 95%.",
    "evidence_required": [
     "remedy_mechanism_accessibility_report confirming WCAG 2.1 AA compliance and discoverability for each consequential AI system, including mechanism location within the decision communication and accessibility test results",
     "case_management_system_export showing all challenges in the past 90 days with fields for intake_timestamp, challenge_basis, reviewer_id, resolution_timestamp, and remedy_outcome — no null values permitted",
     "human_reviewer_authorization_record documenting each reviewer's qualifications, organizational independence from the original AI decision process, and formal grant of decision-reversal authority",
     "SLA_compliance_report showing human review response times against tier-specific commitments, segmented by decision severity tier, covering the most recent 12-month period",
     "root_cause_analysis_record for each challenge volume spike exceeding the defined threshold, identifying the systemic AI error driving elevated complaints and documenting the remediation action taken"
    ],
    "machine_tests": [
     "Query case management API for all challenge records in the past 90 days → assert every record contains non-null values for intake_timestamp, reviewer_id, resolution_timestamp, and remedy_outcome fields",
     "Submit a test challenge via the documented challenge mechanism for each registered consequential AI system → assert a unique case_id is returned and the record appears in the case management system within five minutes with status='open'",
     "Fetch the challenge mechanism URL for each registered consequential system → assert a 200 HTTP response, visible challenge form, aria-label attributes present, and the word 'challenge' or 'dispute' in the page title"
    ],
    "human_review": [
     "Test challenge mechanism discoverability and accessibility for a sample of consequential AI systems by attempting to locate and complete the challenge process without technical assistance, verifying WCAG 2.1 AA compliance",
     "Review case management records for a 90-day sample to assess SLA compliance rates, remedy outcome distributions, and whether root-cause analysis was completed for every event exceeding the challenge volume threshold",
     "Assess reviewer independence documentation to confirm that no reviewer is a member of the team responsible for the AI system whose decisions they are reviewing"
    ],
    "blocking_effect": "requires-review",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Placing the challenge mechanism link only in technical API documentation or privacy policy rather than prominently within the AI-generated decision communication received by the affected individual",
     "Assigning human reviewers who are part of the team that produced or maintains the AI system whose decisions they are challenged to review, eliminating the independence the control requires",
     "Treating root-cause analysis as optional when challenge volumes spike above the defined threshold rather than as a mandatory triggered process with documented findings",
     "Building case management systems that capture only the resolution outcome without recording challenge basis, reviewer rationale, and response timestamps, preventing SLA compliance verification",
     "Defining remedy scope as decision reversal only without assessing whether financial compensation or other forms of remedy are legally required for confirmed harms"
    ],
    "update_status": "current",
    "layer_code": "HI"
   },
   {
    "id": "HI-06",
    "layer": "HI",
    "plane": "control",
    "name": "Consent and Agency Preservation for AI Interactions",
    "plain": "Individuals interacting with AI systems must provide meaningful consent based on accurate disclosure of the AI's nature, capabilities, and data practices; they must retain the ability to exercise genuine agency throughout the interaction; and the organization must implement mechanisms to ensure consent remains valid as system capabilities evolve.",
    "threat": {
     "tags": [
      "consent-invalidation",
      "agency-capture",
      "disclosure-failure",
      "evolving-capability-consent-gap"
     ],
     "desc": "Consent obtained for one AI capability does not automatically extend to novel capabilities introduced through model updates. Systems that obscure their AI nature induce users to interact under false assumptions about the nature and reliability of outputs. Interactions designed to maximize engagement or compliance gradually erode user agency through commitment escalation, personalization lock-in, and information asymmetry — rendering technically consented interactions substantively non-consensual."
    },
    "standard": [
     {
      "id": "eu_ai_act",
      "section": "Art. 50",
      "title": "Transparency and disclosure obligations for AI systems"
     },
     {
      "id": "eu_charter",
      "section": "Art. 8",
      "title": "Protection of personal data and consent requirements"
     },
     {
      "id": "un_ethics_ai",
      "section": "¶37",
      "title": "Transparency of AI interactions"
     },
     {
      "id": "acm_ethics",
      "section": "§1.2",
      "title": "Avoid harm — disclosure and informed participation"
     }
    ],
    "sources": [
     {
      "id": "openai_model_spec_2024",
      "title": "OpenAI Model Specification",
      "authority": "OpenAI, L.L.C.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2024",
      "published_on": "2024-05-08",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://cdn.openai.com/spec/model-spec-2024-05-08.html",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "openai_model_spec_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes OpenAI Model Specification requirements informing the apeiris://ethics/controls/HI-06 Consent and Agency Preservation for AI Interactions control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/HI-06 Consent and Agency Preservation for AI Interactions control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/HI-06 Consent and Agency Preservation for AI Interactions control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "meta_llama_responsible_use_2024",
      "title": "Meta Llama Responsible Use Guide",
      "authority": "Meta Platforms, Inc.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2023",
      "published_on": "2023-07-18",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.llama.com/responsible-use-guide/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "meta_llama_responsible_use_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes Meta Llama Responsible Use Guide requirements informing the apeiris://ethics/controls/HI-06 Consent and Agency Preservation for AI Interactions control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "A consent lifecycle framework is implemented covering: pre-interaction disclosure of AI nature and data use; layered consent for capability tiers with specific consent for sensitive interactions; consent record-keeping with version tracking tied to capability releases; and periodic consent refresh where AI capabilities have materially evolved since original consent was obtained.",
     "steps": [
      "Implement pre-interaction disclosure for all AI systems: disclose that the interaction is AI-mediated, the general capability category (generative, predictive, decisional), the data used and retained, and any consequential outputs that may result; disclosure must be in plain language appropriate to the user population's literacy level.",
      "Design consent mechanisms that are granular (separate consent for different capability uses), revocable (opt-out available at any time without penalty), and documented (consent records retained with timestamps and version information tied to the capability state at consent time).",
      "Implement a capability change governance process that assesses whether new or modified AI capabilities are materially different from the capability state at original consent; material changes trigger consent refresh notification to existing users before the new capability is applied.",
      "Conduct annual agency preservation reviews of AI interaction flows, testing whether users can exit, modify, or refuse AI suggestions without experiencing friction, penalties, or information loss."
     ],
     "ethics_officer": {
      "summary": "Consent is only meaningful if users understand what they are consenting to, and agency is only real if users can exercise it without penalty. The ethics officer ensures disclosure quality and agency preservation are maintained as AI capabilities evolve.",
      "actions": [
       "Review pre-interaction disclosure content annually and after any material capability update for accuracy and comprehensibility.",
       "Assess capability change materiality determinations and ensure consent refresh protocols are triggered appropriately.",
       "Conduct or commission agency preservation testing on a biannual basis."
      ],
      "failure_signals": [
       "Disclosure language that technical users can understand but general population users cannot.",
       "Material capability changes deployed without consent refresh assessment.",
       "Users unable to opt out of AI-mediated interactions without experiencing service penalties."
      ]
     },
     "legal_counsel": {
      "summary": "GDPR and EU AI Act create specific legal requirements for consent in AI contexts. Legal must ensure the consent framework satisfies these requirements and that consent records are defensible in regulatory proceedings.",
      "actions": [
       "Review disclosure and consent design against GDPR Art. 7 (conditions for consent), Art. 13 and 14 (transparency), and EU AI Act Art. 50 (transparency obligations).",
       "Advise on which AI capability uses require explicit consent versus legitimate interest reliance.",
       "Ensure consent records include the information required to demonstrate valid consent in supervisory authority investigations."
      ],
      "failure_signals": [
       "Consent mechanisms that bundle AI data use consent with service terms of use.",
       "No documented process for handling consent withdrawal for AI data processing.",
       "Consent records that do not capture capability version state at time of consent."
      ]
     },
     "grc_auditor": {
      "summary": "Consent validity and agency preservation are auditable through disclosure quality assessment, consent record inspection, and capability change governance documentation.",
      "actions": [
       "Test disclosure content for plain language compliance using readability scoring.",
       "Inspect consent record system for completeness, version tracking, and revocation capability.",
       "Review capability change governance records to verify materiality assessments and consent refresh protocols."
      ],
      "metrics": [
       "Disclosure readability score (Flesch-Kincaid): target at least 60 (plain language threshold).",
       "Consent record completeness with version-tagged records: target 100% of consented users.",
       "Material capability changes with documented consent refresh assessment: target 100%."
      ],
      "failure_signals": [
       "Disclosure content below plain-language readability threshold.",
       "Consent records without version tracking.",
       "Material capability changes deployed without consent refresh assessment documentation."
      ]
     },
     "business_stakeholder": {
      "summary": "Meaningful consent and agency preservation build user trust, reduce churn, and mitigate regulatory exposure. Consent obtained through obscure or coercive design creates legal risk that materializes in GDPR enforcement and class actions.",
      "actions": [
       "Ensure product KPIs do not create incentives to minimize consent quality or obscure opt-out pathways.",
       "Include consent and disclosure requirements in product scope for AI features.",
       "Ensure capability change management processes include consent refresh assessment as a standard step."
      ],
      "failure_signals": [
       "Business metrics that improve when users are denied easy access to opt-out.",
       "AI capability releases that bypass consent refresh assessment.",
       "Disclosure content not updated following material capability changes."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Consent in AI contexts is typically implemented as static one-time disclosure at account creation, failing to address capability evolution, interaction-level consent, or genuine agency preservation mechanisms."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "multi-tenant"
    ],
    "implementers": [
     "Ethics Office",
     "Legal Counsel",
     "Product Management",
     "Platform Engineering"
    ],
    "frameworks": [
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 50",
      "fit": "direct",
      "rationale": "EU AI Act Article 50 mandates that AI systems interacting with humans disclose their AI nature and provides transparency obligations for certain AI-generated content. This control implements the disclosure and consent infrastructure required to meet these obligations.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "eu_charter",
      "requirement_id": "Art. 8",
      "fit": "direct",
      "rationale": "EU Charter Article 8 establishes the right to protection of personal data, including that data processing must rest on a legitimate basis such as consent. The consent framework in this control implements the consent-quality requirements necessary for Charter-compliant AI data processing.",
      "normative_force": "binding-law",
      "source_version": "2012/C 326/02",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "un_ethics_ai",
      "requirement_id": "¶37 (Transparency)",
      "fit": "direct",
      "rationale": "UNESCO Recommendation ¶37 addresses the transparency of AI systems, including that people should be able to know when they are interacting with an AI system. The control's pre-interaction disclosure and consent lifecycle requirements implement that transparency expectation.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "§5.4",
      "fit": "partial",
      "rationale": "IEEE 7000 §5.4 includes informed consent as an ethical value to be elicited and designed into systems, requiring that consent mechanisms be evaluated as part of the ethical system design process. The control's annual consent quality review implements this engineering discipline.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.3",
      "fit": "partial",
      "rationale": "OECD AI Principle 1.3 (Transparency and explainability) calls for AI actors to provide meaningful information so that people can understand when they are engaging with AI systems and what that means for them. The disclosure requirements in this control implement that principle.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "openai_model_spec",
      "requirement_id": "Seek the truth together — Be honest and transparent",
      "fit": "direct",
      "rationale": "The Model Spec's 'Be honest and transparent' rules require models to be truthful about what they are and what they can do, and prohibit deceptive behavior toward users. HI-06's disclosure-of-AI-nature and consent-quality requirements operationalize the same non-deception commitment at the interaction-design layer, ensuring users know they are dealing with an AI system before consequential engagement.",
      "normative_force": "best-practice",
      "source_version": "2025-12-18",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goal T3 (Disclosure of AI interaction)",
      "fit": "direct",
      "rationale": "Microsoft Responsible AI Standard v2 transparency requirements explicitly mandate disclosure of AI nature and capabilities to users, communication of AI system limitations, and interaction design that enables users to exercise informed judgment. Consent and Agency Preservation for AI Interactions implements these transparency requirements through structured pre-interaction disclosure, layered consent mechanisms with version tracking, and capability change governance that triggers consent refresh when new capabilities exceed the scope of original disclosure. Microsoft's standard is among the industry sources that shaped the disclosure quality and plain-language standards this control encodes.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
      "fit": "direct",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to oversight, due diligence, and feedback aligned with user goals — commitments that presuppose users know they are interacting with AI and understand its capabilities. HI-06's disclosure and consent lifecycle requirements make that transparency substantive at the interaction layer.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "meta_llama_rai",
      "requirement_id": "Llama Acceptable Use Policy (separate document); Build transparency and reporting mechanisms",
      "fit": "partial",
      "rationale": "The Llama Acceptable Use Policy prohibits misrepresenting Llama outputs as human-generated, and the Responsible Use Guide recommends building transparency and reporting mechanisms into LLM products. Together these support HI-06's disclosure-of-AI-nature and consent requirements: license-level non-deception plus product-level transparency infrastructure.",
      "normative_force": "best-practice",
      "source_version": "2023",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "owasp_ai_exchange",
      "requirement_id": "aitransparency",
      "fit": "supporting",
      "rationale": "HI-06 mandates plain-language disclosure of the AI's nature and capabilities before an interaction, being transparent to users about AI use as the AI Exchange control intends.",
      "normative_force": "industry-framework",
      "source_version": "continuously-updated",
      "reviewed_on": "2026-07-08",
      "basis": "anchored",
      "relation": "equivalent_to"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/HI-06",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "All AI-mediated interactions must be preceded by plain-language disclosure of the AI's nature, capability category, data use, and consequential outputs; consent records must be version-tagged to the capability state at the time of consent; and users must be able to exit or modify AI interactions without experiencing service penalties. A passing state requires 100% of active user consent records carrying a capability_version_tag and 100% of material capability changes having a documented consent refresh assessment.",
    "evidence_required": [
     "consent_record_export with fields for user_id, consent_timestamp, capability_version_tag, consent_granularity_tier, and revocation_status for every consented user, with no records lacking a version tag",
     "disclosure_readability_assessment_report showing Flesch-Kincaid reading ease score at or above 60 for all pre-interaction disclosure content, assessed after each material capability update",
     "capability_change_governance_log listing each AI capability release, its materiality determination (material or non-material), the assessment rationale, and the consent refresh decision and notification record where triggered",
     "agency_preservation_test_report documenting opt-out flow testing with screen-recorded evidence that users can exit AI-mediated interactions without friction, penalty prompts, or service degradation"
    ],
    "machine_tests": [
     "Query the consent record system for all active users → assert every record has a non-null capability_version_tag field matching an entry in the capability release registry and a consent_timestamp postdating the version's release date",
     "Navigate the documented opt-out pathway for AI-mediated processing as a test user → assert the system confirms opt-out without presenting a service downgrade warning, requiring additional approval, or navigating more than three screens",
     "Retrieve disclosure text for each registered AI system → assert Flesch-Kincaid reading ease score exceeds 60 and the terms 'artificial intelligence' or 'AI' appear within the first 200 characters of the disclosure body"
    ],
    "human_review": [
     "Review disclosure content accuracy and completeness following each material capability update, confirming descriptions reflect the current system's actual capabilities and data practices rather than the state at initial disclosure authoring",
     "Assess capability change materiality determination records to verify that changes expanding data use, decision scope, or output consequence categories triggered consent refresh notifications to existing users before the capability was applied to them",
     "Conduct opt-out pathway walkthroughs to confirm no friction, penalty, or information loss occurs when users exercise their right to refuse AI-mediated processing, including for users who have engaged with the system for extended periods"
    ],
    "blocking_effect": "requires-review",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Bundling AI capability consent with general terms of service acceptance so that users cannot consent to core service features while declining AI data processing",
     "Issuing a single static pre-interaction disclosure at account creation that is not updated when AI capabilities materially change after the user's original consent was recorded",
     "Designing opt-out flows that require users to navigate multiple screens, submit a support ticket, or await human approval before AI processing ceases, creating effective disincentives for exercising the right",
     "Maintaining consent records without capturing the capability version state at the time of consent, making it impossible to determine whether current system capabilities exceed the scope users consented to",
     "Deploying engagement optimization or personalization features without assessing whether they create commitment escalation effects or information asymmetries that undermine genuine user agency over time"
    ],
    "update_status": "current",
    "layer_code": "HI"
   },
   {
    "id": "HI-07",
    "layer": "HI",
    "plane": "control",
    "name": "Child and Minors Safety Controls",
    "plain": "AI systems that may interact with, generate content about, profile, or make decisions concerning individuals under the age of 18 must implement heightened safety controls proportionate to children's reduced capacity for informed consent, heightened susceptibility to harm, and specific legal protections, including age verification, content filtering, parental oversight pathways, and prohibition of manipulative design targeting minors.",
    "threat": {
     "tags": [
      "child-safety-bypass",
      "age-gate-failure",
      "minor-profiling",
      "harmful-content-exposure"
     ],
     "desc": "AI systems not designed with child-specific controls expose minors to age-inappropriate content, manipulative engagement design, and profiling that can have lasting developmental consequences. Age verification failures allow minors to access adult AI capabilities; recommendation systems optimizing for engagement may expose children to harmful content spirals; generative AI can be manipulated to produce content harmful to or about children. The legal exposure from child safety failures — COPPA, GDPR-K, EU AI Act child-specific provisions — is substantial."
    },
    "standard": [
     {
      "id": "eu_ai_act",
      "section": "Art. 5(1)(a), Art. 9(2)(b)",
      "title": "Prohibited uses targeting minors and heightened protection obligations"
     },
     {
      "id": "eu_charter",
      "section": "Art. 24",
      "title": "Rights of the child"
     },
     {
      "id": "ieee_7000",
      "section": "Clause 10",
      "title": "Ethical risk-based design — differential impact on minors"
     },
     {
      "id": "google_ai_principles",
      "section": "Responsible development and deployment",
      "title": "Rigorous design, testing, monitoring, and safeguards — child safety"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/HI-07 Child and Minors Safety Controls control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/HI-07 Child and Minors Safety Controls control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "openai_model_spec_2024",
      "title": "OpenAI Model Specification",
      "authority": "OpenAI, L.L.C.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2024",
      "published_on": "2024-05-08",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://cdn.openai.com/spec/model-spec-2024-05-08.html",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "openai_model_spec_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes OpenAI Model Specification requirements informing the apeiris://ethics/controls/HI-07 Child and Minors Safety Controls control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "meta_llama_responsible_use_2024",
      "title": "Meta Llama Responsible Use Guide",
      "authority": "Meta Platforms, Inc.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2023",
      "published_on": "2023-07-18",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.llama.com/responsible-use-guide/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "meta_llama_responsible_use_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes Meta Llama Responsible Use Guide requirements informing the apeiris://ethics/controls/HI-07 Child and Minors Safety Controls control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "A child safety framework applied at the system design stage: any AI system with non-trivial probability of minor interaction undergoes a child safety impact assessment; systems identified as likely to interact with minors implement age-appropriate design standards, content filtering calibrated to the youngest likely user, prohibition of manipulative engagement mechanics, and parental consent and oversight pathways where legally required.",
     "steps": [
      "Conduct a child exposure assessment for each AI system: estimate the probability and frequency of interactions with users under 18, considering product type, marketing, accessibility, and distribution channel; systems above a minimum exposure threshold (for example, more than 5% estimated minor user base) are classified as child-exposed and subject to enhanced controls.",
      "Implement age-appropriate design standards for child-exposed systems: content filtering calibrated to the youngest likely age cohort, prohibitions on engagement mechanics that exploit developmental psychology (variable reward schedules, social comparison pressure, fear of missing out design), accessible parental visibility and control features, and default-safe privacy settings.",
      "Deploy technical safeguards for generative AI systems to prevent generation of child sexual abuse material and other content harmful to or about minors; implement detection and reporting mechanisms aligned with legal obligations.",
      "Conduct child safety reviews with age-appropriate user research methodologies (assent processes, guardian involvement, developmental psychologist consultation) before deployment of child-exposed AI systems and annually in production."
     ],
     "ethics_officer": {
      "summary": "Child safety is a categorical ethical obligation. Systems that interact with minors require specific design attention that general ethics review cannot substitute for. The ethics officer ensures child exposure assessments are rigorous and that child safety standards are enforced without exception.",
      "actions": [
       "Review child exposure assessments for all new and materially changed AI systems.",
       "Enforce child safety enhanced control requirements for all systems above the exposure threshold.",
       "Ensure child safety reviews involve qualified child development expertise."
      ],
      "failure_signals": [
       "Child exposure assessments not completed before deployment.",
       "Systems above the exposure threshold deployed without enhanced controls.",
       "Child safety reviews conducted without developmental psychology expertise."
      ]
     },
     "legal_counsel": {
      "summary": "Child-specific legal obligations — COPPA, GDPR for children under 16, EU Digital Services Act child protection provisions, EU AI Act Art. 5 prohibitions — create direct legal exposure that must be managed through compliance-grade controls.",
      "actions": [
       "Map applicable child protection legal requirements by jurisdiction for each AI system with child exposure.",
       "Review age-appropriate design standard implementation against UK ICO Age Appropriate Design Code and applicable GDPR-K requirements.",
       "Advise on CSAM detection obligations and ensure technical safeguards meet legal minimums."
      ],
      "failure_signals": [
       "No jurisdiction-specific child protection compliance mapping for child-exposed systems.",
       "Age-appropriate design implementation not reviewed against applicable legal codes.",
       "CSAM detection safeguards not implemented or not calibrated to meet reporting thresholds."
      ]
     },
     "grc_auditor": {
      "summary": "Child safety controls are subject to both internal audit and external regulatory examination. Auditors must verify that child exposure assessments are complete, controls are implemented, and legal obligations are met.",
      "actions": [
       "Review child exposure assessment records for all production AI systems.",
       "Test content filtering calibration on child-exposed systems using age-appropriate content standard benchmarks.",
       "Verify CSAM detection and reporting mechanisms are implemented and tested."
      ],
      "metrics": [
       "Child exposure assessment completion rate: target 100% of AI systems.",
       "Enhanced control implementation rate for above-threshold systems: target 100%.",
       "CSAM detection safeguard implementation: target 100% of generative AI systems."
      ],
      "failure_signals": [
       "Child exposure assessments not completed or older than 12 months without review.",
       "Above-threshold systems lacking documented enhanced control implementations.",
       "Generative AI systems without CSAM detection safeguards."
      ]
     },
     "business_stakeholder": {
      "summary": "Child safety failures carry the highest regulatory and reputational risk in the AI space. Proactive child safety investment is existentially important for consumer-facing AI products.",
      "actions": [
       "Require child safety review sign-off as a hard launch gate for consumer AI products.",
       "Ensure child safety investment is budgeted as a non-negotiable line item, not deprioritized against feature development.",
       "Establish incident response protocols specific to child safety events, with defined escalation paths to executive leadership and legal."
      ],
      "failure_signals": [
       "Child safety review gates bypassed under product launch pressure.",
       "Child safety investment deprioritized in budget cycles.",
       "No child safety-specific incident response protocol."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Child-specific AI safety controls are frequently absent or limited to basic content filters; systematic child exposure assessment and age-appropriate design standards are not widely implemented in enterprise AI governance."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "multi-tenant"
    ],
    "implementers": [
     "Ethics Office",
     "Legal Counsel",
     "Product Safety",
     "Machine Learning Engineering"
    ],
    "frameworks": [
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 5(1)(a)",
      "fit": "direct",
      "rationale": "EU AI Act Article 5(1)(a) prohibits AI systems that deploy subliminal or manipulative techniques, with heightened application to systems targeting minors. The control's prohibition on manipulative engagement mechanics targeting children directly implements this provision.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "eu_charter",
      "requirement_id": "Art. 24",
      "fit": "direct",
      "rationale": "EU Charter Article 24 establishes the rights of the child, requiring that children's best interests be a primary consideration in all actions affecting them. AI system design affecting minors must treat child wellbeing as a primary design constraint, not an afterthought — which is the operating principle of this control.",
      "normative_force": "binding-law",
      "source_version": "2012/C 326/02",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "Clause 10 (Ethical risk-based design)",
      "fit": "direct",
      "rationale": "IEEE 7000-2021 clause 10 requires ethical risk assessment and treatment for the stakeholders a system affects, with children among the clearest cases of stakeholders needing differentiated protection. The control's child exposure assessment and age-appropriate design standard implementation apply that risk-based discipline to minors.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — rigorous design, testing, monitoring, and safeguards",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to rigorous design, testing, monitoring, and safeguards to mitigate harmful outcomes — commitments that apply with maximum force where children are exposed. HI-07's child-exposure assessment, content safeguards, and detection and reporting infrastructure implement that safeguard obligation for minors.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goals RS1–RS3 (Reliability & Safety)",
      "fit": "partial",
      "rationale": "Microsoft Responsible AI Standard v2 Reliability & Safety Goals (RS1–RS3) require safety guidance, failure remediation, and ongoing monitoring for AI systems deployed in or accessible to consumer contexts. The control's content detection and reporting requirements align with these safety implementation requirements.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "openai_model_spec",
      "requirement_id": "Stay in bounds (prohibited sexual content involving minors); Under-18 Principles",
      "fit": "direct",
      "rationale": "The Model Spec treats sexual content involving minors as prohibited at the platform level — never permitted regardless of operator or user instructions — and its Under-18 Principles section defines additional protections for younger users. HI-07's child-safety technical safeguards and detection and reporting obligations build the organizational enforcement layer on top of these model-level prohibitions.",
      "normative_force": "best-practice",
      "source_version": "2025-12-18",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "meta_llama_rai",
      "requirement_id": "Llama Acceptable Use Policy (separate document) — prohibitions on harm to minors",
      "fit": "direct",
      "rationale": "The Llama Acceptable Use Policy categorically prohibits use of the models for exploitation or harm to children, including generation of child sexual abuse material — prohibitions that apply regardless of deployment configuration. HI-07's child-safety safeguards and detection and reporting obligations build the organizational enforcement layer for these license-level prohibitions in Llama-based systems.",
      "normative_force": "best-practice",
      "source_version": "2023",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/HI-07",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "Every AI system with a child exposure classification above the minimum threshold must have documented age-appropriate design controls implemented, active CSAM detection safeguards validated through testing, and a signed child safety review completed before deployment. A passing state requires 100% of generative AI systems to have active CSAM detection instrumentation and zero above-threshold systems deployed without a dated, signed child safety review record.",
    "evidence_required": [
     "child_exposure_assessment_record for each AI system showing estimated minor user percentage based on empirical data, classification tier, assessment methodology, and assessment date within the past 12 months",
     "age_appropriate_design_control_manifest per above-threshold system listing content filter calibration level (youngest likely user cohort), prohibited engagement mechanics inventory, and parental oversight pathway URL",
     "CSAM_detection_safeguard_validation_record confirming detection mechanisms are active and have been tested against synthetic prohibited content test cases with zero false negatives and documented true positive rates",
     "child_safety_review_sign_off record with reviewer identity, developmental psychologist consultation reference or report, approval date predating the system's production deployment date, and any open findings with remediation status"
    ],
    "machine_tests": [
     "Submit a representative set of age-restricted content prompts to each registered generative AI system → assert all requests are refused with a content_policy_violation error code and no prohibited content is returned in the response body",
     "Query the child exposure classification registry for all registered AI systems → assert every record has a non-null exposure_tier value from the approved set and an assessment_date field within the past 365 days",
     "Query the control implementation registry for all systems classified above the minimum exposure threshold → assert each entry has non-null values for content_filter_calibration_age, prohibited_mechanics_list, and parental_oversight_pathway_url"
    ],
    "human_review": [
     "Review child exposure assessments for all production AI systems to verify that exposure estimates are based on empirical data such as analytics, user age demographics from onboarding, and distribution channel characteristics rather than unsupported assumptions",
     "Assess age-appropriate design implementations on above-threshold systems with a developmental psychologist to identify engagement mechanics that may exploit developmental psychology in ways that automated content testing cannot detect",
     "Verify that CSAM detection and reporting mechanisms meet applicable legal thresholds, that reporting procedures name the responsible contacts for law enforcement escalation, and that detection test records are maintained"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Defaulting all AI systems to a 'no child exposure' classification without conducting a documented assessment of the system's distribution channel, marketing, and actual user population age distribution",
     "Calibrating content filters for child-exposed systems to adult content moderation standards rather than recalibrating to the youngest likely user cohort in the affected population",
     "Treating CSAM prohibition as satisfied by a model-level policy statement without implementing active detection instrumentation, test validation, and legal reporting procedures",
     "Conducting child safety review using only members of the AI development team without involving developmental psychology expertise or external child safety professionals who can assess child-specific harms",
     "Deploying variable reward schedules, streak mechanics, or social comparison features in child-exposed systems without assessing their differential developmental impact on minor users versus adult users"
    ],
    "update_status": "current",
    "layer_code": "HI"
   },
   {
    "id": "HI-08",
    "layer": "HI",
    "plane": "lifecycle",
    "name": "Human Interests Evidence Package",
    "plain": "The HI-layer evidence package compiles and validates the outputs of HI-01 through HI-07 into a structured compliance artifact demonstrating that the organization's AI systems implement and maintain effective human rights, dignity, and safety protections across the full lifecycle, suitable for regulatory examination, third-party audit, and governance reporting.",
    "threat": {
     "tags": [
      "evidence-incompleteness",
      "compliance-attestation-gap",
      "audit-readiness-failure",
      "human-rights-accountability-gap"
     ],
     "desc": "Without a systematic evidence compilation process, human rights and safety controls that are individually implemented may not be verifiable in aggregate. Regulatory examinations and audits of AI systems require organizations to demonstrate holistic compliance across FRIA governance, dignity protections, vulnerable population safeguards, oversight mechanisms, remedy access, consent practices, and child safety — piecemeal evidence assembly under examination pressure produces gaps that create enforcement exposure and erode trust."
    },
    "standard": [
     {
      "id": "eu_ai_act",
      "section": "Art. 18",
      "title": "Record keeping and technical documentation obligations"
     },
     {
      "id": "iso_42001",
      "section": "§9.3",
      "title": "Management review and evidence of conformance"
     },
     {
      "id": "nist_rmf",
      "section": "GOVERN 4.2",
      "title": "Documentation of AI risks and impacts supporting accountability"
     },
     {
      "id": "eu_charter",
      "section": "Art. 1, 8, 21, 47",
      "title": "Charter rights inventory — audit evidence baseline"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/HI-08 Human Interests Evidence Package control.",
      "reviewed_on": "2026-07-01"
     }
    ],
    "implementation": {
     "pattern": "A structured HI evidence package is assembled quarterly and before each major AI system deployment or material change, aggregating completion status and key metrics from HI-01 through HI-07 into a single reviewable artifact signed by the responsible ethics officer and retained in the governance record system.",
     "steps": [
      "Define the HI evidence package schema: required artifacts from each control (HI-01: FRIA registry export; HI-02: red-team findings summary; HI-03: vulnerability impact screening completion; HI-04: override rate trend report; HI-05: remedy case management summary; HI-06: consent registry health report; HI-07: child exposure assessment completion), plus a cross-control completeness scorecard.",
      "Automate evidence collection from each HI control's operational systems where possible: export FRIA registry data, pull override rate metrics, extract case management summaries, and compile consent record completeness statistics into the package template on a defined schedule.",
      "Implement a package review workflow: the ethics officer reviews the compiled package for completeness and quality, flags gaps for remediation, attests to the package's accuracy, and routes to the GRC function for independent audit sampling.",
      "Retain completed HI evidence packages for a minimum of 5 years (or as required by applicable law) in a tamper-evident governance record system, with access controls ensuring records are available for regulatory examination on request."
     ],
     "ethics_officer": {
      "summary": "The HI evidence package is the ethics officer's primary accountability artifact. It demonstrates that human interests protections are not only designed but operationally maintained. The ethics officer owns the package review, attestation, and gap remediation process.",
      "actions": [
       "Review each quarterly HI evidence package for completeness against the defined schema.",
       "Attest to package accuracy and file gaps for tracked remediation.",
       "Present HI evidence package summaries to the AI ethics governance committee quarterly."
      ],
      "failure_signals": [
       "Package completeness score below 90%.",
       "Package gaps not tracked to remediation within defined SLA.",
       "Packages not reviewed by ethics officer within defined review window."
      ]
     },
     "legal_counsel": {
      "summary": "HI evidence packages are the primary response document for regulatory examination of human rights compliance. Legal must ensure packages are retained, are legally privileged where appropriate, and satisfy the documentation standards required by applicable law.",
      "actions": [
       "Review the HI evidence package schema against EU AI Act Art. 18 technical documentation requirements.",
       "Advise on privilege and retention policies for HI evidence packages.",
       "Ensure packages are produced in response to regulatory requests within applicable response timelines."
      ],
      "failure_signals": [
       "Package schema does not capture all Art. 18 required documentation elements.",
       "Retention policy shorter than applicable legal minimum.",
       "No documented protocol for producing packages in response to regulatory requests."
      ]
     },
     "grc_auditor": {
      "summary": "The HI evidence package is the primary audit artifact for the HI layer. Auditors verify package completeness, quality, review cycle adherence, and retention compliance.",
      "actions": [
       "Sample HI evidence packages for completeness scoring against the defined schema.",
       "Verify that packages are assembled on the defined quarterly schedule and before major deployments.",
       "Inspect retention records to confirm packages are retained for the required period."
      ],
      "metrics": [
       "HI evidence package completeness score: target at least 90% per package.",
       "Package assembly schedule adherence: target 100% of required cycles.",
       "Ethics officer attestation completion: target 100% of assembled packages.",
       "Package retention compliance: target 100% meeting minimum retention period."
      ],
      "failure_signals": [
       "Packages with completeness scores below 80%.",
       "Packages assembled without ethics officer attestation.",
       "Missing packages for required quarterly cycles or major deployment events.",
       "Retention records showing packages deleted before minimum retention period."
      ]
     },
     "business_stakeholder": {
      "summary": "A complete HI evidence package demonstrates organizational maturity in human rights governance to regulators, customers, and partners. Gaps in the package are gaps in business credibility and regulatory defensibility.",
      "actions": [
       "Ensure HI evidence package assembly is resourced and scheduled as a standard operational process.",
       "Include HI package completeness scores in AI governance reporting to executive leadership.",
       "Treat package gaps as business risk items requiring remediation investment."
      ],
      "failure_signals": [
       "HI evidence package assembly not resourced or scheduled.",
       "Package completeness not reported to executive leadership.",
       "Persistent package gaps not escalated for resource remediation."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Most organizations lack structured evidence aggregation for human rights AI controls; compliance artifacts are assembled reactively under audit pressure rather than maintained proactively."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise"
    ],
    "implementers": [
     "Ethics Office",
     "GRC Function",
     "Legal Counsel",
     "Compliance Team"
    ],
    "frameworks": [
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 18",
      "fit": "direct",
      "rationale": "EU AI Act Article 18 requires high-risk AI system deployers and providers to maintain technical documentation demonstrating compliance with the Act's requirements, available for regulatory examination. The HI evidence package operationalizes this obligation for the human interests dimension of AI ethics compliance.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§9.3",
      "fit": "direct",
      "rationale": "ISO/IEC 42001 §9.3 requires management review of the AI management system using evidence of conformance. The HI evidence package provides the structured conformance evidence required for ISO 42001 management review of the human interests control domain.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "GOVERN 4.2",
      "fit": "direct",
      "rationale": "NIST AI RMF GOVERN 4.2 requires that organizational teams document the risks and potential impacts of AI systems and communicate about them. The HI evidence package implements this documentation layer for the human interests control domain.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "eu_charter",
      "requirement_id": "Art. 1, 8, 21, 47",
      "fit": "adjacent",
      "rationale": "The EU Charter of Fundamental Rights defines the rights inventory that the HI layer protects — most prominently dignity (Art. 1), data protection (Art. 8), non-discrimination (Art. 21), and effective remedy (Art. 47). The evidence package demonstrates that systems affecting those rights have implemented the controls required to respect them — linking the substantive rights framework to operational compliance evidence.",
      "normative_force": "binding-law",
      "source_version": "2012/C 326/02",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.5",
      "fit": "partial",
      "rationale": "OECD AI Principle 1.5 calls for accountability of AI actors through documentation and auditability of AI systems and their governance processes. The HI evidence package directly implements this accountability requirement for the human interests domain.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goals A1–A5 (Accountability)",
      "fit": "partial",
      "rationale": "Microsoft Responsible AI Standard v2 accountability goals require that organizations maintain documented evidence of responsible AI compliance — including records of impact assessments, governance decisions, and control implementation — available for review by stakeholders and regulatory bodies. Human Interests Evidence Package operationalizes this accountability documentation requirement for the HI control layer, compiling FRIA records, override rate metrics, consent registry health, remedy case management summaries, and child safety assessment completion into a structured, ethics-officer-attested governance artifact. Microsoft's requirement for named accountability and documentation traceability is directly implemented by the HI evidence package's attestation workflow and tamper-evident retention requirements.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/HI-08",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "A complete HI evidence package must be assembled quarterly and before each major AI system deployment, containing required artifacts from all seven HI controls with a cross-control completeness score of at least 90%, carrying a dated ethics officer attestation, and stored in a tamper-evident retention system. A passing state requires zero missing quarterly packages, zero packages without ethics officer sign-off, and retention records demonstrating packages are preserved for at least five years.",
    "evidence_required": [
     "HI_evidence_package artifact for each required cycle containing aggregated control exports from HI-01 through HI-07 with per-control completeness scores and a cross-control scorecard showing overall completeness percentage",
     "ethics_officer_attestation record per package with attester identity, attestation timestamp, completeness score, and a gap log listing any identified deficiencies with remediation owner and target resolution date",
     "governance_record_system_retention_log confirming each completed package is stored with a tamper-evident checksum, access controls, and deletion protection for the minimum five-year retention period",
     "gap_remediation_tracker for the past four quarters showing each identified package gap, assigned owner, target date, and current resolution status"
    ],
    "machine_tests": [
     "Query the evidence package registry for the current and two prior quarters → assert each period has an entry with status='complete', completeness_score at or above 90, and a non-null attestation_timestamp",
     "Call the package integrity verification endpoint for the three most recently stored packages → assert each returns a valid checksum match confirming no content was modified after the attestation timestamp",
     "Query the retention system for all packages → assert no package with a created_at date more than four years and eleven months ago has been deleted or marked for deletion before reaching the five-year threshold"
    ],
    "human_review": [
     "Review the most recent HI evidence package against the defined schema to verify that each of the seven control artifact types is present, complete, dated within the required collection window, and not a copy of a prior period's artifact",
     "Assess the ethics officer attestation process to confirm the officer reviewed the full artifact set rather than a summary, and that every gap identified in the attestation is tracked in the remediation system with an assigned owner",
     "Inspect the governance record retention system to verify tamper-evident controls are active, access logs show no unauthorized modifications to stored packages, and deletion protections prevent removal before the minimum retention period"
    ],
    "blocking_effect": "requires-review",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Assembling the HI evidence package reactively in response to a regulatory examination notice rather than maintaining it on the defined quarterly schedule as an ongoing operational process",
     "Having the ethics officer attest to a summary dashboard rather than reviewing the full underlying artifact set, leaving gaps in specific control areas undetected in the attestation record",
     "Storing HI evidence packages in a general shared file system without tamper-evident checksums, making it impossible to demonstrate that records were not modified between assembly and regulatory examination",
     "Treating a completeness score below 90% as acceptable for a given package period rather than as a gate condition requiring remediation before the package is considered complete",
     "Omitting gap remediation tracking from the package workflow, leaving deficiencies identified during attestation without assigned owners or resolution timelines that can be audited"
    ],
    "update_status": "current",
    "layer_code": "HI"
   },
   {
    "id": "FM-01",
    "layer": "FM",
    "plane": "control",
    "name": "Production Fairness Monitoring Program",
    "plain": "Every AI system operating in production must be enrolled in a continuous fairness monitoring program that tracks designated fairness metrics against established baselines, generates alerts on threshold breaches, and produces regular compliance reports for governance review.",
    "threat": {
     "tags": [
      "undetected-bias",
      "disparate-impact-accumulation",
      "monitoring-gap",
      "fairness-drift"
     ],
     "desc": "Without systematic production monitoring, biased outcomes accumulate invisibly. Demographic groups experiencing worse outcomes have no mechanism for discovery unless an external complaint surfaces the issue. By the time disparities are noticed through anecdotal evidence, the impacted population may have experienced months or years of harm, and remediation requires unwinding embedded decisions made on flawed outputs."
    },
    "standard": [
     {
      "id": "eu_ai_act",
      "section": "Art. 9(8)",
      "title": "Testing against prior defined metrics and probabilistic thresholds"
     },
     {
      "id": "nist_rmf",
      "section": "MEASURE 2.11",
      "title": "AI system fairness and bias measurement in production"
     },
     {
      "id": "iso_42001",
      "section": "§9.1",
      "title": "Performance and conformity monitoring"
     },
     {
      "id": "ibm_ai_fairness",
      "section": "Fairness metric computation (batch)",
      "title": "AIF360 scheduled batch fairness metric computation"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/FM-01 Production Fairness Monitoring Program control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "ibm_ai_fairness_360_2021",
      "title": "IBM AI Fairness 360 (AIF360)",
      "authority": "IBM Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2018",
      "published_on": "2018-09-19",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://github.com/Trusted-AI/AIF360",
      "license": "open-source-apache2",
      "status": "current",
      "flagship": false,
      "source_id": "ibm_ai_fairness_360_2021",
      "relationship": "informative_reference",
      "rationale": "Establishes IBM AI Fairness 360 (AIF360) requirements informing the apeiris://ethics/controls/FM-01 Production Fairness Monitoring Program control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/FM-01 Production Fairness Monitoring Program control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "openai_model_spec_2024",
      "title": "OpenAI Model Specification",
      "authority": "OpenAI, L.L.C.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2024",
      "published_on": "2024-05-08",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://cdn.openai.com/spec/model-spec-2024-05-08.html",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "openai_model_spec_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes OpenAI Model Specification requirements informing the apeiris://ethics/controls/FM-01 Production Fairness Monitoring Program control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "anthropic_rsp_2024",
      "title": "Anthropic Responsible Scaling Policy v3.3",
      "authority": "Anthropic, PBC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "3.3",
      "published_on": "2026-05-26",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.anthropic.com/responsible-scaling-policy",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "anthropic_rsp",
      "relationship": "informative_reference",
      "rationale": "Establishes Anthropic Responsible Scaling Policy v3.3 requirements informing the apeiris://ethics/controls/FM-01 Production Fairness Monitoring Program control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "meta_llama_responsible_use_2024",
      "title": "Meta Llama Responsible Use Guide",
      "authority": "Meta Platforms, Inc.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2023",
      "published_on": "2023-07-18",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.llama.com/responsible-use-guide/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "meta_llama_responsible_use_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes Meta Llama Responsible Use Guide requirements informing the apeiris://ethics/controls/FM-01 Production Fairness Monitoring Program control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Deploy a fairness monitoring sidecar or pipeline component that intercepts AI system outputs, computes designated fairness metrics across demographic strata at configurable intervals, stores metric time series, and emits structured alerts when metrics breach defined thresholds.",
     "steps": [
      "Identify all production AI systems in scope and enumerate the demographic attributes and protected characteristics relevant to each system's decision context.",
      "Define the set of fairness metrics to be tracked per system (e.g., demographic parity difference, equalized odds difference, predictive parity) and establish baseline values from pre-deployment validation.",
      "Deploy monitoring instrumentation — batch scorer, streaming pipeline, or shadow evaluation harness — that computes metrics on a defined cadence (daily minimum for high-risk systems).",
      "Integrate metric outputs into a fairness dashboard with trend visualization, threshold breach alerting, and stakeholder notification routing.",
      "Establish a governance review cadence (monthly minimum) where the ethics officer and data science team review monitoring outputs and certify continued compliance."
     ],
     "ethics_officer": {
      "summary": "The production monitoring program is the primary evidence that fairness commitments made at deployment time are being honored throughout the system's operational life. You own the enrollment gate and the governance review cycle.",
      "actions": [
       "Define the fairness monitoring scope and required metric set for each AI system before deployment approval.",
       "Chair monthly fairness monitoring review meetings and sign off on monitoring compliance attestations.",
       "Escalate unresolved threshold breach alerts to executive leadership within defined SLAs."
      ],
      "failure_signals": [
       "Any high-risk AI system operating more than 30 days without an active monitoring configuration.",
       "Monitoring reports produced but not reviewed for more than one governance cycle.",
       "Threshold breach alerts acknowledged without documented remediation action."
      ]
     },
     "data_scientist": {
      "summary": "You are responsible for implementing the monitoring pipeline and ensuring metric computations are statistically sound and robust to data sparsity in smaller demographic subgroups.",
      "actions": [
       "Implement the fairness metric computation pipeline using validated open-source tooling (IBM AI Fairness 360, Fairlearn) with documented methodology.",
       "Apply appropriate statistical corrections — confidence intervals, bootstrap sampling — for subgroups with small sample sizes to avoid false positives.",
       "Maintain a metric schema registry that documents each metric's formula, reference population, and interpretation guidance."
      ],
      "failure_signals": [
       "Metric computation errors or NaN values not caught and reported.",
       "Subgroup sample sizes below minimum thresholds without documented handling.",
       "Metric schema inconsistent with or undocumented relative to pre-deployment validation methodology."
      ]
     },
     "grc_auditor": {
      "summary": "The monitoring program generates the primary evidence record for demonstrating ongoing fairness compliance to regulators, internal audit, and external assessors.",
      "actions": [
       "Verify that all in-scope AI systems have an active, documented monitoring configuration with defined metrics and thresholds.",
       "Sample monitoring reports across a rolling 90-day window and verify completeness, timeliness, and stakeholder review sign-off.",
       "Confirm that threshold breach events have associated incident records with root cause analysis and remediation timelines."
      ],
      "metrics": [
       "Percentage of in-scope AI systems with active monitoring configurations: target 100%.",
       "Monitoring report delivery SLA adherence: target 95%.",
       "Mean time from threshold breach to acknowledged incident: target <24 hours for high-risk systems."
      ],
      "failure_signals": [
       "Any in-scope system without a monitoring configuration for more than one review cycle.",
       "Threshold breaches with no associated incident records.",
       "Monitoring reports showing unexplained gaps in metric time-series data."
      ]
     },
     "business_stakeholder": {
      "summary": "The fairness monitoring program protects the business from regulatory liability and reputational harm by ensuring AI-driven decisions remain equitable across customer segments.",
      "actions": [
       "Require monitoring program enrollment as a gate condition for any AI system that influences customer-facing decisions.",
       "Review executive fairness dashboards monthly and request escalation briefings when threshold breaches are detected.",
       "Include fairness monitoring status in quarterly AI governance reports to the board."
      ],
      "failure_signals": [
       "AI systems influencing material business decisions without monitoring enrollment.",
       "Business units not informed of threshold breach events affecting their domain.",
       "Fairness monitoring status absent from board-level AI governance reporting."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "managed",
     "notes": "Most organizations have ad hoc bias testing at deployment but lack systematic production monitoring. Continuous fairness monitoring is an emerging practice becoming a regulatory expectation."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "cloud-native",
     "multi-tenant"
    ],
    "implementers": [
     "Data Science / ML Engineering",
     "AI Ethics Office",
     "Platform Engineering",
     "GRC / Compliance"
    ],
    "frameworks": [
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 9(8)",
      "fit": "direct",
      "rationale": "EU AI Act Art. 9(8) requires that high-risk AI systems be tested against prior defined metrics and probabilistic thresholds, and Art. 72 requires post-market monitoring across the system lifetime. Continuous fairness monitoring carries the Art. 9(8) metric-and-threshold discipline into production as part of the post-market monitoring obligation; failing to maintain it constitutes a compliance gap under the Act's conformity requirements.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "MEASURE 2.11",
      "fit": "direct",
      "rationale": "NIST AI RMF MEASURE 2.11 requires that fairness and bias are evaluated, with results demonstrated — including in deployment contexts, not only during pre-deployment testing. The production monitoring program operationalizes this requirement by establishing a continuous measurement cadence. NIST guidance recognizes that fairness properties can degrade over time due to distribution shift, making production monitoring essential.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§9.1",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 clause 9.1 requires organizations to evaluate AI system performance against intended objectives, including ethical objectives such as fairness. The monitoring program provides the structured performance evaluation mechanism required by the standard. ISO 42001 certification auditors will specifically look for evidence of ongoing performance monitoring as a key conformity requirement.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "ibm_ai_fairness",
      "requirement_id": "Fairness metric computation (batch, schedulable on production samples)",
      "fit": "partial",
      "rationale": "AIF360 is a batch evaluation library: it computes fairness metrics on supplied datasets and has no built-in production monitoring service. FM-01 monitoring pipelines can nevertheless use its validated metric implementations by scheduling recurring metric runs over production decision samples, with alerting and dashboards built around the toolkit.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.2",
      "fit": "partial",
      "rationale": "OECD AI Principle 1.2 (Human-centred values and fairness) requires AI actors to respect human rights and fairness throughout the AI system lifecycle. Production fairness monitoring is the operational mechanism for verifying this principle is upheld in practice over the system's lifetime, and the OECD's 2024 update emphasizes ongoing monitoring as integral to responsible deployment rather than a one-time pre-launch activity.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goal F1 (Quality of service); Goal RS3 (Ongoing monitoring, feedback, and evaluation)",
      "fit": "partial",
      "rationale": "Microsoft's Responsible AI Standard v2 Fairness Goal F1 and Goal RS3 (ongoing monitoring, feedback, and evaluation) require teams deploying AI systems to implement ongoing measurement of fairness metrics post-deployment and to maintain monitoring dashboards visible to product owners. This control directly implements that requirement. Microsoft's Fairlearn toolkit and associated guidance document best practices for production fairness measurement that align with the monitoring pipeline design specified here.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — mitigating unintended or harmful outcomes and avoiding unfair bias",
      "fit": "direct",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to monitoring and safeguards that avoid unfair bias in deployed systems. FM-01's Production Fairness Monitoring Program implements that commitment operationally: every production AI system enrolled in continuous monitoring of designated fairness metrics against baselines, with threshold alerting and governance reporting.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "openai_model_spec",
      "requirement_id": "Stay in bounds — Try to prevent imminent real-world harm",
      "fit": "adjacent",
      "rationale": "The Model Spec commits OpenAI's models to avoiding real-world harm, but it does not define deployment-side fairness monitoring. FM-01's production monitoring program is how a deployer verifies that harm avoidance actually holds for demographic outcomes in its own context — detecting disparate-outcome harm that model-level rules alone cannot see.",
      "normative_force": "best-practice",
      "source_version": "2025-12-18",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "anthropic_rsp",
      "requirement_id": "Risk Reports and ongoing capability reassessment",
      "fit": "adjacent",
      "rationale": "RSP v3.3 requires Anthropic to reassess model capabilities on an ongoing basis rather than treating deployment as a terminal checkpoint, with Risk Reports revisited as capabilities or usage change. FM-01 extends the same evaluation-continuity principle to the fairness dimension of deployed systems through continuous metric tracking and governance reporting; the RSP itself governs Anthropic's capability-safety process, not deployer fairness programs.",
      "normative_force": "best-practice",
      "source_version": "3.3",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "meta_llama_rai",
      "requirement_id": "System-level alignment — input/output mitigations; Llama Acceptable Use Policy (separate document)",
      "fit": "adjacent",
      "rationale": "The Responsible Use Guide recommends system-level input and output mitigations — filtering and monitoring model inputs and outputs in deployment — and the separate Acceptable Use Policy prohibits discriminatory uses. FM-01's continuous fairness monitoring is the systematic implementation of output monitoring for the discrimination-related harms those documents address.",
      "normative_force": "best-practice",
      "source_version": "2023",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/FM-01",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "Every production AI system in scope must have an active fairness monitoring configuration with a defined metric suite, baselines, and threshold values; monitoring must run on at least a daily cadence for high-risk systems; and threshold breach alerts must be acknowledged and assigned to an incident record within 24 hours. A passing state requires 100% enrollment of in-scope systems with no computation gaps exceeding 48 hours and zero unacknowledged breach alerts older than 24 hours.",
    "evidence_required": [
     "fairness_monitoring_configuration_record per AI system showing enrolled_at date, metric suite, threshold values, computation cadence, and stakeholder alert routing configuration",
     "fairness_metric_time_series export covering the past 90 days with per-run fields for computation_timestamp, metric_id, demographic_stratum, sample_size, confidence_interval, and computed_value — with no gaps exceeding 48 hours",
     "threshold_breach_incident_log for the past 12 months showing each alert event with alert_timestamp, metric_name, observed_value, threshold_value, acknowledged_at, and assigned_remediation_owner",
     "governance_review_sign_off records from the past three monthly ethics officer review meetings confirming attendance, metrics reviewed, and compliance certification"
    ],
    "machine_tests": [
     "Query the monitoring registry for all registered AI systems → assert every system with risk_tier='high-risk' has a last_computation_timestamp within the past 24 hours and monitoring_status='active'",
     "Retrieve the threshold breach alert queue → assert no open alert has an alert_timestamp older than 24 hours without an acknowledged_at field and an associated incident_record_id",
     "Query the metric time-series store for any registered system → assert records exist for each day in the past 30 days with no gap between consecutive computation_timestamps exceeding 48 hours"
    ],
    "human_review": [
     "Review the fairness monitoring configuration for each in-scope AI system to verify the metric suite is appropriate for the system's decision context and not narrowed to metrics the system trivially satisfies at the expense of unmonitored dimensions",
     "Sample threshold breach incident records from the past 90 days to confirm each was acknowledged within the 24-hour SLA, assigned to a named owner, and associated with a documented remediation action or risk acceptance decision signed by the ethics officer",
     "Assess the monthly governance review records to verify that ethics officer sign-off reflects actual review of monitoring outputs rather than pro forma attestation without examining trend data"
    ],
    "blocking_effect": "advisory",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Enrolling AI systems in monitoring with a single fairness metric so that the system satisfies the enrollment requirement while exhibiting undetected violations on unmeasured fairness dimensions",
     "Configuring monitoring to run weekly or monthly for high-risk AI systems rather than daily, allowing harmful disparity accumulation to continue for extended periods before detection",
     "Routing threshold breach alerts only to the data science team without notifying the ethics officer and compliance function, preventing timely governance-level response and incident escalation",
     "Computing fairness metrics on aggregate output populations without stratifying by demographic subgroup, producing monitoring compliance records that do not capture between-group disparities",
     "Using the monitoring program primarily to generate reports for regulatory submission rather than as an active detection and response mechanism, treating compliance outputs as the goal rather than equitable outcomes"
    ],
    "update_status": "current",
    "layer_code": "FM"
   },
   {
    "id": "FM-02",
    "layer": "FM",
    "plane": "control",
    "name": "Disparate Outcome Threshold Governance",
    "plain": "Organizations must formally define acceptable numeric thresholds for demographic disparities in AI system outputs, document the legal and ethical rationale for each threshold, and establish tiered escalation procedures that activate when thresholds are exceeded.",
    "threat": {
     "tags": [
      "threshold-miscalibration",
      "disparate-impact-normalization",
      "governance-gap",
      "escalation-failure"
     ],
     "desc": "Without formally defined thresholds, organizations treat fairness as a qualitative aspiration rather than a measurable obligation. Teams can rationalize observed disparities as acceptable without any principled basis, and detected violations may be silently tolerated because no escalation path exists. Regulatory bodies and courts assess disparate impact against quantitative standards; organizations without documented thresholds cannot demonstrate due diligence and face liability under anti-discrimination law."
    },
    "standard": [
     {
      "id": "eu_ai_act",
      "section": "Art. 10(2)(f)",
      "title": "Training data requirements for bias detection"
     },
     {
      "id": "eu_charter",
      "section": "Art. 21",
      "title": "Prohibition of discrimination"
     },
     {
      "id": "nist_rmf",
      "section": "GOVERN 1.2",
      "title": "Trustworthy AI characteristics (fairness) integrated into policy"
     },
     {
      "id": "ieee_7000",
      "section": "Clause 9",
      "title": "Ethical requirements definition — value-based threshold criteria"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/FM-02 Disparate Outcome Threshold Governance control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "ibm_ai_fairness_360_2021",
      "title": "IBM AI Fairness 360 (AIF360)",
      "authority": "IBM Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2018",
      "published_on": "2018-09-19",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://github.com/Trusted-AI/AIF360",
      "license": "open-source-apache2",
      "status": "current",
      "flagship": false,
      "source_id": "ibm_ai_fairness_360_2021",
      "relationship": "informative_reference",
      "rationale": "Establishes IBM AI Fairness 360 (AIF360) requirements informing the apeiris://ethics/controls/FM-02 Disparate Outcome Threshold Governance control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/FM-02 Disparate Outcome Threshold Governance control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "anthropic_rsp_2024",
      "title": "Anthropic Responsible Scaling Policy v3.3",
      "authority": "Anthropic, PBC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "3.3",
      "published_on": "2026-05-26",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.anthropic.com/responsible-scaling-policy",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "anthropic_rsp",
      "relationship": "informative_reference",
      "rationale": "Establishes Anthropic Responsible Scaling Policy v3.3 requirements informing the apeiris://ethics/controls/FM-02 Disparate Outcome Threshold Governance control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "meta_llama_responsible_use_2024",
      "title": "Meta Llama Responsible Use Guide",
      "authority": "Meta Platforms, Inc.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2023",
      "published_on": "2023-07-18",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.llama.com/responsible-use-guide/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "meta_llama_responsible_use_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes Meta Llama Responsible Use Guide requirements informing the apeiris://ethics/controls/FM-02 Disparate Outcome Threshold Governance control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Establish a threshold governance registry that maps each AI system to its applicable fairness metrics, numeric threshold values with confidence intervals, legal and ethical rationale, approval authority, review cadence, and tiered escalation matrix. Thresholds must be approved by the ethics officer and legal counsel before system deployment and reviewed annually or following material context changes.",
     "steps": [
      "For each AI system, identify the applicable fairness metrics and demographic dimensions based on the system's decision context and the characteristics of the affected population.",
      "Research regulatory benchmarks — EEOC four-fifths rule, EU AI Act provisions, domain-specific guidance, peer literature — to establish candidate threshold values.",
      "Convene a threshold-setting panel including the ethics officer, legal counsel, domain expert, and affected stakeholder representative to review candidates and approve final values with documented rationale.",
      "Record each threshold in the governance registry with its legal basis, statistical methodology, approved value, confidence interval, escalation tier mapping, and next review date.",
      "Integrate threshold values into the production monitoring system (FM-01) and configure automated escalation routing for each threshold tier."
     ],
     "ethics_officer": {
      "summary": "Thresholds translate fairness values into operational compliance requirements. You own the threshold governance process and are accountable for ensuring thresholds are set with appropriate rigor and reviewed when context changes.",
      "actions": [
       "Chair threshold-setting panels for all new AI system deployments and existing systems undergoing material changes.",
       "Maintain the threshold governance registry and ensure each entry has documented rationale and an active review schedule.",
       "Escalate threshold breach events according to the approved escalation matrix and document escalation disposition."
      ],
      "failure_signals": [
       "AI systems operating in production without formally approved thresholds in the registry.",
       "Thresholds not reviewed following significant changes to system scope or affected population demographics.",
       "Escalation procedures not triggered when monitoring data shows threshold breach."
      ]
     },
     "legal_counsel": {
      "summary": "Thresholds have direct legal significance under anti-discrimination and AI regulatory frameworks. You must ensure thresholds are defensible and that escalation procedures connect to legal risk management.",
      "actions": [
       "Advise on legally significant benchmark values — four-fifths rule, EU AI Act provisions, sector-specific requirements — and incorporate them into threshold-setting.",
       "Review threshold rationale documentation for legal sufficiency before approval.",
       "Ensure escalation procedures route threshold breach events to legal review when breach levels indicate potential regulatory exposure."
      ],
      "failure_signals": [
       "Thresholds set below legally significant benchmarks without documented legal analysis.",
       "Threshold breach events not triaged for legal risk before remediation decisions are made.",
       "Threshold documentation lacking reference to applicable law and jurisdiction."
      ]
     },
     "data_scientist": {
      "summary": "Thresholds must be statistically meaningful and account for uncertainty in metric estimates. You are responsible for the quantitative rigor of threshold values and their implementation in monitoring systems.",
      "actions": [
       "Provide statistical analysis supporting each threshold value, including power analysis, confidence interval estimates, and minimum sample size requirements.",
       "Implement threshold logic in the monitoring pipeline with handling for statistical uncertainty to avoid false positives from low-volume subgroups.",
       "Document threshold sensitivity analysis and the impact of alternative threshold values on expected alert rates."
      ],
      "failure_signals": [
       "Threshold values set without statistical basis or power analysis.",
       "Monitoring system triggering alerts based on metrics with insufficient statistical power.",
       "Threshold sensitivity analysis absent from governance documentation."
      ]
     },
     "grc_auditor": {
      "summary": "The threshold governance registry is a primary audit artifact. It demonstrates that fairness is governed through defined, approved standards rather than ad hoc judgment.",
      "actions": [
       "Verify that all in-scope AI systems have threshold registry entries with complete required fields and documented approval.",
       "Confirm threshold values are traceable to legal benchmarks or documented methodological rationale.",
       "Audit threshold review history and verify that thresholds were reviewed following defined trigger conditions."
      ],
      "metrics": [
       "Percentage of in-scope AI systems with complete, approved threshold registry entries: target 100%.",
       "Percentage of threshold breach events triggering the correct escalation tier: target 100%.",
       "Threshold review completion rate within defined cadence: target 95%."
      ],
      "failure_signals": [
       "Registry entries with missing rationale or unapproved threshold values.",
       "Threshold breach events without corresponding escalation records.",
       "Threshold reviews overdue by more than one review cycle."
      ]
     },
     "business_stakeholder": {
      "summary": "Thresholds define the business's explicit commitments on fairness and determine when executive action is required. Understanding threshold logic is essential for informed governance of AI-driven business processes.",
      "actions": [
       "Participate in threshold-setting panels for AI systems in your business domain to ensure operational context informs calibration.",
       "Understand the escalation matrix for AI systems in your domain and ensure business processes are prepared to act on escalation events.",
       "Include threshold compliance status in business unit AI governance reporting."
      ],
      "failure_signals": [
       "Business units not consulted during threshold-setting for AI systems in their domain.",
       "Escalation events received without sufficient context for decision-making.",
       "Threshold breach events causing business disruption due to absence of pre-established response playbooks."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Most organizations lack formalized threshold governance. Existing approaches are informal and undocumented, creating regulatory exposure when disparate impact claims arise."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise"
    ],
    "implementers": [
     "AI Ethics Office",
     "Legal / Compliance",
     "Data Science / ML Engineering",
     "GRC / Internal Audit"
    ],
    "frameworks": [
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 10(2)(f)",
      "fit": "direct",
      "rationale": "The EU AI Act requires high-risk AI system providers to examine training data for possible biases that could affect health, safety, or fundamental rights. Formal threshold governance extends this requirement into the production phase by defining what constitutes an actionable bias level requiring response. EU enforcement guidance indicates that quantitative thresholds with documented rationale are expected as part of high-risk AI conformity assessments.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "eu_charter",
      "requirement_id": "Art. 21",
      "fit": "direct",
      "rationale": "Article 21 of the EU Charter prohibits discrimination on grounds of sex, race, ethnic origin, and other protected characteristics. Organizations deploying AI systems in EU contexts must demonstrate that disparate outcomes do not constitute unlawful discrimination; formal numeric thresholds with legal basis provide the evidentiary foundation for this demonstration. Threshold governance operationalizes the non-discrimination obligation at the system level with measurable, defensible criteria.",
      "normative_force": "binding-law",
      "source_version": "2012/C 326/02",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "GOVERN 1.2",
      "fit": "direct",
      "rationale": "NIST AI RMF GOVERN 1.2 requires that the characteristics of trustworthy AI — including fairness with harmful bias managed — are integrated into organizational policies, processes, and practices. A threshold governance program implements this by creating a policy-to-system mapping for fairness with measurable acceptance criteria and defined escalation.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "Clause 9 (Ethical requirements definition)",
      "fit": "partial",
      "rationale": "IEEE 7000-2021 clause 9 (ethical requirements definition) requires that value concerns — including equity and non-discrimination — be translated into verifiable system requirements. Fairness thresholds operationalize this by deriving measurable acceptance criteria from ethical values that can be independently verified.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goals F1–F2 (Fairness goals with measurable criteria)",
      "fit": "partial",
      "rationale": "Microsoft's Responsible AI Standard v2 Fairness Goals (F1–F2) require teams to define fairness goals in measurable terms before deployment and to establish monitoring against those goals. Threshold governance implements this requirement by creating the formal structure for defining and tracking measurable fairness commitments. Microsoft's guidance on threshold setting provides practical reference points for calibrating acceptable disparity levels across different decision contexts.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "ibm_ai_fairness",
      "requirement_id": "Demographic parity difference and equalized odds difference metrics",
      "fit": "direct",
      "rationale": "AIF360 provides the standard computable definitions of demographic parity difference and equalized odds difference on which FM-02's numeric disparity thresholds are defined. Grounding thresholds in these open-source metric implementations makes threshold compliance reproducible and auditable.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — mitigating unintended or harmful outcomes and avoiding unfair bias; human oversight and due diligence",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to avoiding unfair bias and to due-diligence mechanisms — which operationally require defining what level of disparity is unacceptable. FM-02's documented numeric thresholds with legal and ethical rationale and tiered escalation make the bias-avoidance commitment enforceable.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "anthropic_rsp",
      "requirement_id": "Capability Thresholds — threshold-triggered safeguard requirements",
      "fit": "adjacent",
      "rationale": "RSP v3.3 rests on formally documented thresholds — Capability Thresholds with pre-committed Required Safeguards — rather than case-by-case judgment, so that crossing a threshold mechanically triggers defined obligations. FM-02 applies the same threshold-governance architecture to fairness: documented numeric disparity thresholds with rationale and tiered escalation on breach. The analogy is structural; the RSP governs Anthropic's capability risk, not fairness metrics.",
      "normative_force": "best-practice",
      "source_version": "3.3",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "meta_llama_rai",
      "requirement_id": "Llama Acceptable Use Policy (separate document) — prohibited discrimination",
      "fit": "adjacent",
      "rationale": "The Llama Acceptable Use Policy prohibits uses of the models that unlawfully discriminate against or harm individuals based on protected characteristics — a boundary deployers can only demonstrate they respect by defining what level of measured disparity is unacceptable. FM-02's documented numeric thresholds with legal rationale give that boundary operational form for Llama-based decision systems.",
      "normative_force": "best-practice",
      "source_version": "2023",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/FM-02",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "Every in-scope AI system must have a complete threshold governance registry entry with approved numeric threshold values, documented legal and ethical rationale, a tiered escalation matrix, and an assigned review date before the system's production deployment date. A passing state requires 100% of in-scope systems to have ethics-officer-approved registry entries and zero threshold breach events in the past 12 months without a corresponding escalation record at the correct tier.",
    "evidence_required": [
     "threshold_governance_registry_entry per AI system containing system_id, applicable_metrics, threshold_values with confidence intervals, legal_basis referencing applicable regulation or benchmark, ethical_rationale, escalation_tier_matrix, approved_by, approval_date, and next_review_date",
     "threshold_setting_panel_record per system documenting participant roles (ethics officer, legal counsel, domain expert, affected stakeholder representative), meeting date, candidate threshold values reviewed, and final approved values with documented justification",
     "escalation_event_record for each threshold breach in the past 12 months showing breach_severity_tier, escalation_tier_triggered, notified_parties, response_timestamp, and disposition with signed approval",
     "threshold_review_log confirming each registry entry has been reviewed within its defined cadence or within 30 days of a material change to the system's scope or affected population"
    ],
    "machine_tests": [
     "Query the threshold governance registry for all registered AI systems → assert every entry has non-null values for all required fields and an approval_date that predates the system's first production deployment date",
     "Retrieve all threshold breach events from the monitoring system for the past 90 days → assert each event has a corresponding escalation_event_record with an escalation_tier value matching the breach severity and a non-null notified_parties list",
     "Query registry entries for next_review_date → assert no entry has a next_review_date in the past without a completed review record showing review_date and reviewer identity"
    ],
    "human_review": [
     "Review threshold values for a sample of in-scope AI systems to verify they are calibrated against legally significant benchmarks such as the EEOC four-fifths rule and EU AI Act enforcement guidance, and are not set so loosely that legally actionable disparities would pass undetected",
     "Assess threshold-setting panel records to confirm that affected stakeholder representatives participated substantively and that their input is documented in the rationale, not merely listed as present",
     "Review the escalation matrix for each system to verify that escalation tiers are connected to legal risk management and that legal counsel is notified when breach levels indicate potential regulatory exposure under applicable law"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Setting fairness thresholds after initial deployment rather than as a pre-deployment gate, allowing AI systems to operate for extended periods without enforceable numeric fairness criteria",
     "Defining thresholds through a single data scientist's analysis without convening a panel that includes ethics officer, legal counsel, and affected stakeholder representative input",
     "Calibrating thresholds so loosely relative to legal benchmarks that breach events do not surface until disparities have exceeded legally actionable levels under applicable anti-discrimination law",
     "Routing threshold breach escalation events only to the data team without notifying the ethics officer and legal counsel who can assess regulatory exposure and trigger appropriate response procedures",
     "Allowing threshold review cycles to lapse after material changes to system scope or affected population demographics, leaving thresholds calibrated to a prior version of the system's operational context"
    ],
    "update_status": "current",
    "layer_code": "FM"
   },
   {
    "id": "FM-03",
    "layer": "FM",
    "plane": "data",
    "name": "Statistical Parity and Equalized Odds Monitoring",
    "plain": "AI systems must have their outputs regularly assessed against a defined suite of statistical fairness metrics — including demographic parity difference, equalized odds difference, and calibration by group — with results stored in a queryable time-series record and interpreted in light of known metric trade-offs.",
    "threat": {
     "tags": [
      "demographic-parity-violation",
      "equalized-odds-gap",
      "calibration-drift",
      "metric-selection-bias"
     ],
     "desc": "Organizations that monitor only a single fairness metric may satisfy that metric while exhibiting severe violations on others, a phenomenon documented in fairness literature as the impossibility theorem regime. Without systematic multi-metric monitoring, teams can unknowingly optimize for one fairness criterion at the expense of another, creating outcomes that appear compliant under narrow assessment while causing demonstrable harm along alternative fairness dimensions relevant to affected populations."
    },
    "standard": [
     {
      "id": "nist_rmf",
      "section": "MEASURE 2.11",
      "title": "Fairness and bias measurement methodology"
     },
     {
      "id": "ibm_ai_fairness",
      "section": "Fairness metric suite",
      "title": "AIF360 fairness metric implementations (demographic parity, equalized odds, disparate impact)"
     },
     {
      "id": "ieee_7000",
      "section": "§7.3",
      "title": "Measurable fairness criteria"
     },
     {
      "id": "oecd_ai_principles",
      "section": "Principle 1.2",
      "title": "Human-centred values and fairness"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/FM-03 Statistical Parity and Equalized Odds Monitoring control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "ibm_ai_fairness_360_2021",
      "title": "IBM AI Fairness 360 (AIF360)",
      "authority": "IBM Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2018",
      "published_on": "2018-09-19",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://github.com/Trusted-AI/AIF360",
      "license": "open-source-apache2",
      "status": "current",
      "flagship": false,
      "source_id": "ibm_ai_fairness_360_2021",
      "relationship": "informative_reference",
      "rationale": "Establishes IBM AI Fairness 360 (AIF360) requirements informing the apeiris://ethics/controls/FM-03 Statistical Parity and Equalized Odds Monitoring control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/FM-03 Statistical Parity and Equalized Odds Monitoring control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "openai_model_spec_2024",
      "title": "OpenAI Model Specification",
      "authority": "OpenAI, L.L.C.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2024",
      "published_on": "2024-05-08",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://cdn.openai.com/spec/model-spec-2024-05-08.html",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "openai_model_spec_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes OpenAI Model Specification requirements informing the apeiris://ethics/controls/FM-03 Statistical Parity and Equalized Odds Monitoring control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "meta_llama_responsible_use_2024",
      "title": "Meta Llama Responsible Use Guide",
      "authority": "Meta Platforms, Inc.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2023",
      "published_on": "2023-07-18",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.llama.com/responsible-use-guide/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "meta_llama_responsible_use_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes Meta Llama Responsible Use Guide requirements informing the apeiris://ethics/controls/FM-03 Statistical Parity and Equalized Odds Monitoring control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Implement a fairness metric computation library that produces a standardized metric report for each AI system on a defined schedule. The report includes demographic parity difference, equalized odds difference (TPR parity, FPR parity), predictive parity, calibration error by group, and individual fairness metrics where applicable. Metric definitions, reference populations, and computation methodology are documented in a schema registry.",
     "steps": [
      "Enumerate the fairness metrics applicable to each AI system based on its decision context — equalized odds for high-stakes classification, calibration for risk scoring, demographic parity for opportunity allocation — and document the selection rationale.",
      "Implement metric computation using validated tooling (IBM AI Fairness 360, Fairlearn, or equivalent) with documented formulas, reference population definitions, and intersection handling for multi-attribute demographic analysis.",
      "Establish metric computation schedules: continuous streaming for high-risk production systems, daily batch for standard systems, and event-triggered for low-volume output systems.",
      "Store metric computation outputs in a time-series data store with immutable append semantics, including metadata per computation run: timestamp, sample size, confidence intervals, and tool version.",
      "Define metric interpretation guidance for each metric, including known trade-offs between metrics and conditions under which violations require immediate escalation versus scheduled review."
     ],
     "ethics_officer": {
      "summary": "The selection of fairness metrics encodes ethical choices about what kind of fairness the organization is committed to. You must ensure metric selection reflects the organization's ethical obligations to affected populations and is not narrowed to metrics the system easily satisfies.",
      "actions": [
       "Review and approve the fairness metric suite for each AI system before deployment, ensuring the selection is appropriate for the decision context and affected populations.",
       "Commission periodic external expert review of the metric framework to identify gaps or emerging best practices.",
       "Document the ethical rationale for metric selection in the threshold governance registry alongside threshold values."
      ],
      "failure_signals": [
       "Metric suites not reviewed or approved by ethics officer before deployment.",
       "Single-metric monitoring that could obscure violations on other fairness dimensions.",
       "Metric selection rationale absent from governance documentation."
      ]
     },
     "data_scientist": {
      "summary": "You are responsible for the technical validity of fairness metric computations. This requires statistical rigor, handling of data sparsity, and awareness of the mathematical relationships and trade-offs between fairness metrics.",
      "actions": [
       "Implement each metric using validated formulas from published literature or open-source fairness toolkits, with unit tests verifying correct computation on synthetic datasets with known ground-truth fairness properties.",
       "Apply bootstrap confidence intervals or Bayesian credible intervals for all metrics computed on small subgroup samples (n < 200) to avoid false positive alerts.",
       "Document known metric incompatibilities — e.g., equalized odds and demographic parity cannot both be satisfied simultaneously except in degenerate cases — in the metric schema registry."
      ],
      "failure_signals": [
       "Metric computation producing NaN or Inf values without error handling.",
       "Confidence intervals not computed for subgroups with small sample sizes.",
       "Metric definitions differing between pre-deployment validation and production monitoring."
      ]
     },
     "grc_auditor": {
      "summary": "The metric time-series record provides the evidentiary foundation for demonstrating ongoing fairness compliance. You must verify the completeness, accuracy, and integrity of this record.",
      "actions": [
       "Audit metric computation outputs against raw data samples to verify correctness on a periodic basis.",
       "Verify that the metric time-series record is complete with no unexplained gaps in the computation schedule.",
       "Confirm that the metric schema is documented and consistent with production implementations."
      ],
      "metrics": [
       "Metric computation completeness rate (scheduled runs completed): target 99%.",
       "Metric schema documentation completeness (all production metrics documented): target 100%.",
       "Subgroup sample size coverage report: tracked and within-SLA response for subgroups falling below minimum threshold."
      ],
      "failure_signals": [
       "Gaps in metric time-series data without documented explanation.",
       "Metric schema undocumented or inconsistent with production implementation.",
       "Metric computation errors not caught and reported in the monitoring pipeline."
      ]
     },
     "business_stakeholder": {
      "summary": "Understanding the fairness metrics applied to AI systems in your domain enables informed governance decisions and positions the business to respond confidently to regulatory inquiries.",
      "actions": [
       "Request plain-language summaries of the fairness metrics applied to each AI system in your domain and their business implications.",
       "Ensure that business objectives are not structured in ways that create incentives to suppress fairness monitoring results.",
       "Include fairness metric trends in business unit AI performance reviews."
      ],
      "failure_signals": [
       "Business KPIs structured in ways that create incentives to suppress fairness monitoring results.",
       "Business stakeholders unable to explain the fairness metrics applied to AI systems they own.",
       "Fairness metric trends not reviewed in business performance cycles."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "managed",
     "notes": "Many organizations compute basic accuracy metrics by demographic group but lack systematic multi-metric fairness monitoring with documented methodology and time-series tracking."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "cloud-native"
    ],
    "implementers": [
     "Data Science / ML Engineering",
     "AI Ethics Office",
     "Platform Engineering"
    ],
    "frameworks": [
     {
      "framework": "nist_rmf",
      "requirement_id": "MEASURE 2.11",
      "fit": "direct",
      "rationale": "NIST AI RMF MEASURE 2.11 requires that fairness and bias are evaluated and results demonstrated, using appropriate statistical methods across demographic groups. This control directly implements that requirement by defining a systematic multi-metric evaluation protocol. NIST guidance specifically identifies demographic parity, equalized odds, and calibration as key metrics to consider, aligning with this control's metric suite.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "ibm_ai_fairness",
      "requirement_id": "Fairness metric suite (demographic parity difference, equalized odds difference, disparate impact ratio)",
      "fit": "direct",
      "rationale": "AIF360 provides the canonical open-source implementations of the metric suite this control tracks — demographic parity difference, equalized odds difference, and disparate impact ratio. FM-03's monitoring protocol can compute its time-series metrics with these implementations, run as scheduled batch evaluations over production data.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "§7.3",
      "fit": "direct",
      "rationale": "IEEE 7000-2021 clause 7.3 requires that ethical criteria be expressed as measurable system requirements that can be verified through testing and monitoring. This control operationalizes fairness as a measurable requirement by defining a specific metric suite with quantitative thresholds. The IEEE standard's requirement for verifiable criteria directly motivates the multi-metric approach taken in this control.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 9(8)",
      "fit": "direct",
      "rationale": "EU AI Act Art. 9(8) requires testing of high-risk AI systems against prior defined metrics and probabilistic thresholds. Tracking equalized odds and demographic parity against defined thresholds in production extends that requirement across the deployment phase; notified bodies conducting conformity assessments expect documented metric computation methodologies and time-series records demonstrating sustained monitoring.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goals F1–F3 (Fairness measurement)",
      "fit": "partial",
      "rationale": "Microsoft's Responsible AI Standard v2 Fairness Goals (F1–F3) reference the Fairlearn toolkit's multi-metric approach to fairness assessment and requires ongoing measurement against multiple fairness criteria. This control aligns with Microsoft's documented best practice of monitoring a suite of complementary fairness metrics rather than relying on any single metric. Microsoft's Fairlearn library is an explicit reference implementation for the metric computation approach specified here.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — mitigating unintended or harmful outcomes and avoiding unfair bias",
      "fit": "direct",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to testing and monitoring that avoid unfair bias across groups of people. FM-03's statistical parity and equalized odds monitoring implements that commitment quantitatively, with a multi-metric suite tracked in a queryable time-series record.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "openai_model_spec",
      "requirement_id": "Stay in bounds — Try to prevent imminent real-world harm",
      "fit": "adjacent",
      "rationale": "The Model Spec's harm-avoidance rules operate at the level of individual model behavior and do not address statistical fairness across groups. FM-03's statistical parity and equalized odds monitoring supplies the quantitative, population-level evidence a deployer needs to confirm that systems built on the model do not produce systematically disparate outcomes — a harm class the spec's Stay in bounds commitment implies but cannot itself measure.",
      "normative_force": "best-practice",
      "source_version": "2025-12-18",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "meta_llama_rai",
      "requirement_id": "Model-level alignment — Evaluate and improve performance; Red teaming",
      "fit": "partial",
      "rationale": "The Responsible Use Guide recommends iterative evaluation and red-teaming to find and fix safety and bias issues in Llama-based products. FM-03's statistical parity and equalized odds monitoring complements that point-in-time evaluation guidance with continuous production measurement, detecting gradual fairness drift that red-team exercises cannot capture.",
      "normative_force": "best-practice",
      "source_version": "2023",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "owasp_ai_exchange",
      "requirement_id": "unwantedbiastesting",
      "fit": "partial",
      "rationale": "FM-03 measures demographic parity, equalized odds, and calibration error in production, extending bias testing into runtime monitoring rather than pre-deployment testing alone.",
      "normative_force": "industry-framework",
      "source_version": "continuously-updated",
      "reviewed_on": "2026-07-08",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "mitre",
      "requirement_id": "AML.M0008",
      "fit": "supporting",
      "direction": "control-supports-requirement",
      "rationale": "Control \"AI systems must have a documented multi-metric fairness suite covering at minimum…\" enacts ATLAS mitigation AML.M0008 Validate AI Model; OpenCRE crosswalks this control’s OWASP AI Exchange concept (unwantedbiastesting) to this mitigation.",
      "source_version": "v2026.06",
      "reviewed_on": "2026-07-08",
      "source_status": "authoritative",
      "mapping_confidence": "medium",
      "legal_status": "not-applicable",
      "control_readiness": "approved",
      "implementation_maturity": "developing",
      "assurance_result": "not-assessed",
      "evidence_status": "no-evidence",
      "normative_force": "industry-framework",
      "basis": "asserted",
      "relation": "equivalent_to",
      "correction": "ap38-opencre-enhancement 2026-07-08"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/FM-03",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "AI systems must have a documented multi-metric fairness suite covering at minimum demographic parity difference, equalized odds difference (TPR and FPR parity separately), and calibration error by group, with all metric definitions recorded in a schema registry including formula, reference population, and known trade-off notes, and computation results stored in an immutable time-series record. A passing state requires 100% of tracked metrics to have schema registry entries and zero unexplained gaps longer than 48 hours in the computation history.",
    "evidence_required": [
     "fairness_metric_schema_registry entry for each tracked metric containing metric_id, mathematical formula, reference_population_definition, tracked_demographic_attributes, computation_tool_version, and documented trade_off_notes relative to other metrics in the suite",
     "metric_time_series_store export for the past 90 days with per-run fields for computation_timestamp, metric_id, demographic_stratum, sample_size, confidence_interval_lower, confidence_interval_upper, and computed_value — stored with immutable append semantics",
     "metric_computation_validation_record showing unit test results verifying correct output on synthetic datasets with known ground-truth fairness properties for each metric in the suite",
     "metric_trade_off_documentation report acknowledging the fairness impossibility theorem implications for the system's metric combination and explaining the ethical rationale for the selection when metrics are known to be in tension"
    ],
    "machine_tests": [
     "Submit a synthetic scored dataset with known ground-truth fairness properties to the metric computation pipeline → assert demographic_parity_difference, equalized_odds_tpr_difference, equalized_odds_fpr_difference, and calibration_error outputs each match expected values within ±0.001 tolerance",
     "Query the metric time-series store for each registered AI system → assert records exist for demographic_parity_difference, equalized_odds_tpr_difference, equalized_odds_fpr_difference, and calibration_error for each tracked demographic attribute in the system's configuration",
     "Trigger a metric computation run with a synthetic subgroup of n=50 → assert the output record contains confidence_interval_lower and confidence_interval_upper fields rather than a point estimate without uncertainty bounds"
    ],
    "human_review": [
     "Review the metric schema registry entries for each AI system to verify that metric selection is driven by the decision context and affected population's legal and ethical interests rather than by convenience or expectation of favorable scores",
     "Assess the metric trade-off documentation to confirm the organization has acknowledged known incompatibilities between selected metrics and has documented the ethical rationale for how conflicting metric signals will be prioritized in practice",
     "Inspect a sample of metric computation records for subgroup strata with small sample sizes to verify confidence intervals are computed and that NaN or Inf values generate explicit error records rather than being silently propagated into the time-series store"
    ],
    "blocking_effect": "advisory",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Monitoring demographic parity alone while omitting equalized odds metrics, enabling a system to appear fair by equal positive prediction rates while exhibiting severe and unreported false positive or false negative rate disparities across demographic groups",
     "Defining reference populations without explicit demographic stratification specifications, making metric values uninterpretable and non-reproducible across computation runs or audits",
     "Computing point estimates for small demographic subgroups below n=200 without confidence intervals, generating false positive breach alerts that erode organizational confidence in the monitoring system",
     "Storing metric time-series data in mutable storage that permits post-computation modifications, making it impossible to demonstrate the integrity of historical fairness records under audit",
     "Selecting the fairness metric suite without ethics officer and legal review, resulting in metric choices that satisfy technical convenience rather than the fairness dimensions most relevant to the system's legal exposure and affected population"
    ],
    "update_status": "current",
    "layer_code": "FM"
   },
   {
    "id": "FM-04",
    "layer": "FM",
    "plane": "lifecycle",
    "name": "Feedback Loop and Reinforcement Bias Detection",
    "plain": "Organizations must maintain a data flow map for each AI system that identifies feedback loops where AI outputs influence future training data, and must implement monitoring controls to detect and interrupt bias amplification in these loops before it compounds across retraining cycles.",
    "threat": {
     "tags": [
      "feedback-loop-amplification",
      "historical-bias-reinforcement",
      "training-data-contamination",
      "disparate-impact-compounding"
     ],
     "desc": "When AI system outputs influence the data used to retrain or fine-tune models, initial biases can amplify exponentially. A hiring system that filters out candidates from certain backgrounds creates training data showing those backgrounds correlate with rejection, causing the next model iteration to filter them more aggressively. These compounding loops can convert small initial disparities into severe discrimination within a small number of retraining cycles, often without detection because each individual step appears statistically normal when viewed in isolation."
    },
    "standard": [
     {
      "id": "nist_rmf",
      "section": "MEASURE 2.4",
      "title": "Production monitoring of AI system functionality and behavior"
     },
     {
      "id": "ieee_7000",
      "section": "Clause 7",
      "title": "Context exploration — system dynamics and feedback effects"
     },
     {
      "id": "iso_42001",
      "section": "§8.4",
      "title": "AI system lifecycle management"
     },
     {
      "id": "oecd_ai_principles",
      "section": "Principle 1.2",
      "title": "Human-centred values and fairness over time"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/FM-04 Feedback Loop and Reinforcement Bias Detection control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/FM-04 Feedback Loop and Reinforcement Bias Detection control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Build a data lineage graph for each AI system that traces the path from AI output to potential training data inclusion. Implement monitoring hooks at each node in the feedback path that detect statistical changes in demographic distribution over successive retraining cycles. Alert when demographic composition of AI-influenced training data diverges significantly from the reference population distribution.",
     "steps": [
      "Conduct a data flow audit for each AI system to map all paths by which system outputs could influence future training data, including direct retraining pipelines, human-in-the-loop labeling queues fed by AI decisions, and downstream systems that generate training signals.",
      "For each identified feedback path, define a set of demographic distribution metrics to track at key nodes in the pipeline — demographic composition of accepted items, rejected items, and labeler decisions entering training corpora.",
      "Implement automated monitoring at each feedback path node that computes demographic distribution metrics on each data batch and compares to reference baseline distributions using population stability indices.",
      "Define alert thresholds for demographic drift in feedback loops that are more conservative than production output thresholds, reflecting the amplifying nature of training data contamination.",
      "Establish circuit-breaker controls that can pause or quarantine feedback loops pending human review when alert thresholds are triggered, preventing continued contamination across the next retraining cycle."
     ],
     "ethics_officer": {
      "summary": "Feedback loops represent the highest-risk mechanism for bias amplification in AI systems. You must ensure every AI system's feedback architecture is documented and monitored, particularly systems with ongoing learning or periodic retraining.",
      "actions": [
       "Require data flow audits for all AI systems as a condition of deployment approval, with explicit identification of feedback loop risks.",
       "Establish policy requiring ethics officer approval before activating any feedback loop that allows AI outputs to directly influence training data.",
       "Review feedback loop monitoring reports quarterly and escalate amplification signals immediately to the incident response program."
      ],
      "failure_signals": [
       "AI systems with active retraining pipelines lacking documented feedback loop maps.",
       "Feedback loop monitoring not activated for systems with known retraining dependencies.",
       "Demographic drift in training data pipelines not escalated within defined SLAs."
      ]
     },
     "data_scientist": {
      "summary": "You must understand the feedback architecture of every system you build and implement monitoring that can detect bias amplification before it becomes severe enough to cause material harm.",
      "actions": [
       "Document all feedback paths in the system design artifact, including explicit analysis of demographic distribution effects for each path.",
       "Implement statistical tests — KL divergence, population stability index, chi-squared drift tests — to detect demographic drift in feedback-influenced training data.",
       "Design retraining pipelines with explicit demographic distribution checks as a gate condition before new model promotion to production."
      ],
      "failure_signals": [
       "Retraining pipelines that consume AI outputs without demographic distribution checks.",
       "Feedback loop maps absent from system design documentation.",
       "Statistical drift tests not implemented at key nodes in identified feedback paths."
      ]
     },
     "grc_auditor": {
      "summary": "Feedback loop risks are often invisible in standard audit artifacts because they manifest across time rather than in point-in-time snapshots. You must specifically audit for feedback loop documentation and monitoring coverage.",
      "actions": [
       "Request data flow diagrams for all AI systems with retraining capabilities and verify feedback loops are identified and monitored.",
       "Audit demographic distribution time series for training data pipelines to detect unreported drift over rolling 12-month windows.",
       "Verify that circuit-breaker controls are tested and functional."
      ],
      "metrics": [
       "Percentage of AI systems with retraining capabilities having documented feedback loop maps: target 100%.",
       "Percentage of identified feedback paths with active demographic monitoring: target 100%.",
       "Circuit-breaker control test completion rate: target 100% annually."
      ],
      "failure_signals": [
       "AI systems with retraining pipelines lacking feedback loop documentation.",
       "Demographic drift detected in audit samples that was not caught by monitoring.",
       "Circuit-breaker controls untested or non-functional."
      ]
     },
     "business_stakeholder": {
      "summary": "Feedback loop bias is a slow-moving but high-severity risk that can produce significant legal and reputational harm before it becomes externally visible. Business oversight must include feedback loop risk as a standing agenda item.",
      "actions": [
       "Require disclosure of all feedback loops in AI system deployment proposals reviewed at the business level.",
       "Include feedback loop monitoring status in business unit AI risk registers.",
       "Ensure legal counsel is informed of all active feedback loops in high-risk AI systems."
      ],
      "failure_signals": [
       "Active feedback loops in AI systems not disclosed in business-level deployment reviews.",
       "Feedback loop risks not included in AI risk registers for relevant business units.",
       "Legal counsel not informed of feedback loop architecture in high-risk AI deployments."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Feedback loop bias is an advanced risk concept poorly understood in most organizations. Few have systematic monitoring; most rely on periodic human review of model behavior which cannot detect gradual amplification."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "cloud-native"
    ],
    "implementers": [
     "Data Science / ML Engineering",
     "AI Ethics Office",
     "Platform Engineering",
     "Legal / Compliance"
    ],
    "frameworks": [
     {
      "framework": "nist_rmf",
      "requirement_id": "MEASURE 2.4",
      "fit": "direct",
      "rationale": "NIST AI RMF MEASURE 2.4 requires that the functionality and behavior of the AI system are monitored when in production. Feedback-loop bias detection monitors precisely the emergent production behavior — model outputs influencing future training data across retraining cycles — that static pre-deployment assessment cannot capture.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "Clause 7 (Concept of operations and context exploration)",
      "fit": "direct",
      "rationale": "IEEE 7000-2021 clause 7's context exploration requires analyzing the system's operational environment, including dynamics and interactions that can cause behavior to drift from design intent over time. Feedback loop bias detection monitors exactly such dynamics — outputs re-entering training data — across retraining cycles.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 9(2)(b)",
      "fit": "partial",
      "rationale": "The EU AI Act requires high-risk AI system providers to implement risk management systems that identify and mitigate reasonably foreseeable risks, including risks arising from system behavior over time. Feedback loop amplification is a reasonably foreseeable risk for any AI system with retraining capabilities, making monitoring a required element of the risk management system. EU guidance on automated decision-making specifically identifies feedback loops as a mechanism requiring proactive oversight.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§8.4",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 clause 8.4 requires organizations to manage the full AI system lifecycle, including changes to the system over time. Feedback loop monitoring implements the lifecycle management requirement by ensuring that retraining cycles do not introduce or amplify ethical harms. The standard requires documented controls for managing lifecycle risks, which this control provides through the circuit-breaker and demographic drift monitoring mechanisms.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.2",
      "fit": "partial",
      "rationale": "OECD AI Principle 1.2 on human-centred values and fairness implies sustained commitment to fairness over the AI system's operational life, not only at the moment of deployment. Feedback loop monitoring directly supports this sustained fairness obligation by detecting mechanisms that cause fairness to degrade across retraining iterations. OECD governance guidance highlights feedback loops as a systemic risk requiring proactive management as part of responsible AI deployment practices.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goals F1–F3 (Fairness — intersecting and compounding bias)",
      "fit": "partial",
      "rationale": "Microsoft's Responsible AI Standard v2 Fairness goals require organizations to identify and address intersecting and compounding forms of bias in AI systems, including dynamic bias amplification that occurs through feedback mechanisms between AI outputs and future training data. FM-04's Feedback Loop and Reinforcement Bias Detection directly addresses this requirement by mandating data flow maps that identify feedback loops and monitoring controls that detect bias amplification before it compounds across retraining cycles. The data flow mapping and loop interruption controls in FM-04 operationalize Microsoft's fairness goal for the specific class of compounding bias that feedback mechanisms create.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — mitigating unintended or harmful outcomes and avoiding unfair bias; rigorous design, testing, monitoring, and safeguards",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to safeguards against unintended harmful outcomes, which include self-reinforcing bias that compounds through feedback between AI outputs and future training data. FM-04's data-flow mapping, drift monitoring, and loop-interruption controls address exactly that class of systemic risk.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/FM-04",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "All AI systems with retraining capabilities must have documented data flow maps identifying every feedback path where outputs influence future training data, and active demographic distribution monitoring must be operational at each identified path node with circuit-breaker controls configured and tested. The control passes if no retraining cycle proceeds without passing demographic drift checks against defined tolerance thresholds.",
    "evidence_required": [
     "Data flow audit report for each AI system with retraining capabilities, identifying all feedback paths from AI outputs to training data pipelines with node-level demographic distribution checkpoints",
     "Demographic drift monitoring logs showing population stability index or KL divergence measurements at each feedback path node for the trailing monitoring period",
     "Circuit-breaker control test records confirming interruption of feedback loops when demographic drift thresholds are exceeded, with timestamps and reviewer identity",
     "Feedback loop map per AI system listing each path, demographic metrics tracked, baseline distribution, alert threshold, and last-validated date",
     "Retraining gate condition records confirming demographic distribution checks were passed before each model promotion to production"
    ],
    "machine_tests": [
     "Query feedback loop map registry for all AI systems with active retraining pipelines → assert 100% have documented maps with node-level demographic monitoring configurations",
     "Inject synthetic training batch with 40% demographic distribution shift at a monitored feedback node → assert alert triggered and circuit-breaker status changed to QUARANTINE within defined SLA",
     "Attempt to promote a model trained on a quarantined feedback batch → assert promotion is blocked pending demographic drift resolution",
     "Retrieve monitoring logs for the trailing 30 days and cross-check against retraining cycle records → assert every retraining event has a corresponding demographic distribution check with pass/fail result"
    ],
    "human_review": [
     "Review data flow audit reports to verify feedback loop identification is complete and that all paths where AI outputs can influence training data are documented with explainable methodology",
     "Assess circuit-breaker control design to confirm that interruption thresholds are calibrated appropriately for each system's risk level and that triggered interruptions have corresponding human review records",
     "Verify that feedback loop risk disclosures appear in AI system deployment proposals reviewed at ethics officer and business levels"
    ],
    "blocking_effect": "advisory",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Documenting retraining pipelines as having no feedback loops without explicit analysis of downstream data flows that may return AI decisions as training signals",
     "Setting demographic drift alert thresholds at the same level as production output thresholds rather than more conservative thresholds that account for the amplifying effect of retraining cycles",
     "Activating circuit-breaker controls only for the specific demographic dimension where drift was detected, leaving other demographic dimensions unprotected in the same contaminated pipeline",
     "Treating demographic drift in training data pipelines as equivalent to model output drift and applying the same SLAs, without recognizing that training data contamination requires immediate interruption",
     "Relying on periodic human review of model output metrics rather than continuous automated monitoring at feedback path nodes to detect amplification before it compounds across retraining cycles"
    ],
    "update_status": "current",
    "layer_code": "FM"
   },
   {
    "id": "FM-05",
    "layer": "FM",
    "plane": "control",
    "name": "Fairness Incident Response Program",
    "plain": "Organizations must maintain a documented fairness incident response program that defines how detected fairness violations are classified, communicated to affected parties, investigated, remediated, and reported to regulators, with SLAs defined at each stage and a tiered severity structure.",
    "threat": {
     "tags": [
      "fairness-violation-uncontained",
      "disparate-impact-escalation",
      "remediation-delay",
      "regulatory-notification-failure"
     ],
     "desc": "Detected fairness violations without a pre-defined response program lead to ad hoc, politically driven responses that prioritize reputation management over harm mitigation. Without defined communication procedures, affected populations may not be notified of adverse AI-driven decisions affecting them. Unstructured responses also create regulatory exposure because AI regulatory frameworks such as the EU AI Act require documented incident response procedures and timely notification to competent authorities."
    },
    "standard": [
     {
      "id": "eu_ai_act",
      "section": "Art. 73",
      "title": "Reporting of serious incidents to market surveillance authorities"
     },
     {
      "id": "iso_42001",
      "section": "§10.2",
      "title": "Corrective action for AI ethics incidents"
     },
     {
      "id": "nist_rmf",
      "section": "MANAGE 4.3",
      "title": "AI incident tracking, response, communication, and documentation"
     },
     {
      "id": "acm_ethics",
      "section": "§1.2",
      "title": "Avoid harm — mitigation and reporting obligations"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/FM-05 Fairness Incident Response Program control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/FM-05 Fairness Incident Response Program control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "ibm_ai_fairness_360_2021",
      "title": "IBM AI Fairness 360 (AIF360)",
      "authority": "IBM Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2018",
      "published_on": "2018-09-19",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://github.com/Trusted-AI/AIF360",
      "license": "open-source-apache2",
      "status": "current",
      "flagship": false,
      "source_id": "ibm_ai_fairness_360_2021",
      "relationship": "informative_reference",
      "rationale": "Establishes IBM AI Fairness 360 (AIF360) requirements informing the apeiris://ethics/controls/FM-05 Fairness Incident Response Program control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "meta_llama_responsible_use_2024",
      "title": "Meta Llama Responsible Use Guide",
      "authority": "Meta Platforms, Inc.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2023",
      "published_on": "2023-07-18",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.llama.com/responsible-use-guide/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "meta_llama_responsible_use_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes Meta Llama Responsible Use Guide requirements informing the apeiris://ethics/controls/FM-05 Fairness Incident Response Program control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Define a tiered fairness incident classification system with severity levels based on disparity magnitude, affected population size, and decision impact. Pre-define response playbooks for each severity tier. Integrate the incident classification with the monitoring alert system (FM-01) so alerts automatically generate incident records in a fairness incident register with full lifecycle documentation.",
     "steps": [
      "Define fairness incident severity tiers: Tier 1 — minor threshold breach, isolated, no immediate harm; Tier 2 — significant disparity affecting an identifiable population group; Tier 3 — severe violation with material harm potential or regulatory notification requirement.",
      "For each severity tier, document the response playbook: notification recipients and timelines, investigation procedures, interim mitigation options (model rollback, output suppression, human override), remediation options, and closure criteria.",
      "Create a fairness incident register — ticketing system integration or dedicated tool — capturing all incident fields: detection source, affected system, affected population, severity, timeline events, investigation findings, remediation actions, and closure approval.",
      "Integrate the incident register with the monitoring alert system so threshold breach alerts automatically create Tier 1 incidents, with escalation paths to higher tiers based on investigation findings.",
      "Conduct quarterly fairness incident review meetings to analyze trends, update response playbooks based on lessons learned, and verify open incidents are progressing within SLAs."
     ],
     "ethics_officer": {
      "summary": "The fairness incident response program is your primary tool for managing fairness harms after detection. You own the program design, SLA definitions, and escalation authority for Tier 2 and Tier 3 incidents.",
      "actions": [
       "Design and maintain the fairness incident classification taxonomy and response playbooks.",
       "Lead Tier 2 and Tier 3 incident investigations and approve remediation plans.",
       "Chair quarterly fairness incident review meetings and update the program based on lessons learned."
      ],
      "failure_signals": [
       "Tier 2 or Tier 3 fairness incidents progressing without ethics officer involvement in investigation.",
       "Fairness incident response playbooks not reviewed or updated in more than 12 months.",
       "Affected population notification procedures absent from Tier 2 and Tier 3 playbooks."
      ]
     },
     "legal_counsel": {
      "summary": "Fairness incidents may trigger regulatory notification obligations, litigation risk, and affected-party rights claims. You must be integrated into Tier 2 and Tier 3 incident response from the moment of escalation.",
      "actions": [
       "Review all Tier 2 and Tier 3 incident notifications before external communication to assess regulatory notification obligations and legal privilege considerations.",
       "Advise on affected population notification scope and content for incidents involving potential anti-discrimination law violations.",
       "Maintain a regulatory notification log for fairness incidents and coordinate submissions to relevant authorities within required windows."
      ],
      "failure_signals": [
       "Tier 2 or Tier 3 incidents proceeding to external notification without legal review.",
       "Regulatory notification obligations not assessed within defined SLAs for qualifying incidents.",
       "Legal privilege not established for fairness incident investigation documents where applicable."
      ]
     },
     "data_scientist": {
      "summary": "You provide technical analysis during fairness incident investigations. Your role is to determine the root cause of detected disparities and evaluate the technical feasibility and projected impact of remediation options.",
      "actions": [
       "Conduct technical root cause analysis for assigned fairness incidents, identifying whether the disparity originates from training data, feature engineering, model architecture, or deployment context.",
       "Evaluate and document remediation options — model retrain, threshold adjustment, output post-processing, system suspension — with expected impact on fairness metrics.",
       "Implement and validate approved remediation actions and verify through metric recomputation that disparity is resolved before incident closure is approved."
      ],
      "failure_signals": [
       "Fairness incidents closed without documented technical root cause analysis.",
       "Remediation actions implemented without pre/post metric validation.",
       "Technical analysis absent from incident records at closure."
      ]
     },
     "grc_auditor": {
      "summary": "The fairness incident register is a primary compliance artifact demonstrating that the organization detects and responds to fairness violations in a structured, auditable way.",
      "actions": [
       "Audit fairness incident registers quarterly for completeness and SLA adherence.",
       "Verify that all threshold breach events in the monitoring system have corresponding incident records.",
       "Sample closed incidents and verify that root cause analysis, remediation, and closure approval documentation is complete."
      ],
      "metrics": [
       "Incident record completeness rate (all monitoring alerts with incident records): target 100%.",
       "Tier 1 SLA adherence (investigation initiated within 72 hours): target 95%.",
       "Tier 2 SLA adherence (affected population notified within 14 days if required): target 100%.",
       "Tier 3 SLA adherence (regulatory notification within required window): target 100%."
      ],
      "failure_signals": [
       "Monitoring alerts without corresponding incident records.",
       "SLA breaches not documented with exception approvals.",
       "Closed incidents without complete root cause and remediation documentation."
      ]
     },
     "business_stakeholder": {
      "summary": "Fairness incidents affecting business processes require business unit involvement to ensure that interim mitigations do not create unacceptable operational disruption and that permanent remediation is appropriately resourced.",
      "actions": [
       "Designate a business unit incident liaison for each AI system, responsible for coordinating business-side response activities.",
       "Pre-approve interim mitigation playbooks — human review override procedures, output suppression workflows — before incidents occur so they can be activated immediately.",
       "Provide executive sponsorship for fairness incident remediation to ensure resources are available without delay."
      ],
      "failure_signals": [
       "Business unit incident liaisons not designated for AI systems in the business domain.",
       "Interim mitigation options not pre-approved before incidents occur.",
       "Remediation resources not available within defined SLAs due to budget or prioritization issues."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Most organizations address fairness incidents reactively and informally. Formal incident response programs for fairness are rare but are becoming a regulatory expectation under the EU AI Act."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise"
    ],
    "implementers": [
     "AI Ethics Office",
     "Legal / Compliance",
     "Data Science / ML Engineering",
     "GRC / Internal Audit"
    ],
    "frameworks": [
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 73",
      "fit": "direct",
      "rationale": "EU AI Act Article 73 requires providers of high-risk AI systems to report serious incidents and malfunctions to national competent authorities within defined timeframes. A fairness incident response program provides the organizational infrastructure to identify qualifying incidents, assess notification obligations, and execute timely notifications. Without a structured program, organizations cannot reliably meet the regulatory notification timelines required by the Act.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§10.2",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 clause 10.2 requires organizations to take corrective action when AI ethics nonconformities are detected, including root cause analysis and verification that corrections are effective. The fairness incident response program implements this requirement by providing a structured corrective action process for fairness violations. ISO 42001 certification auditors will examine the incident register as evidence of corrective action capability.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "MANAGE 4.3",
      "fit": "direct",
      "rationale": "NIST AI RMF MANAGE 4.3 requires that incidents and errors are communicated to relevant AI actors, including affected communities, and that processes for tracking, responding to, and recovering from incidents are followed and documented. The fairness incident response program implements exactly this for fairness violations, with documented communication plans and SLAs.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "acm_ethics",
      "requirement_id": "§1.2",
      "fit": "partial",
      "rationale": "ACM Code of Ethics §1.2 (Avoid harm) obliges computing professionals to mitigate harm when it occurs and to report signs of system risk. A fairness incident response program institutionalizes that acknowledgment-and-remediation obligation for detected fairness violations at the enterprise level.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "eu_charter",
      "requirement_id": "Art. 21",
      "fit": "partial",
      "rationale": "EU Charter Article 21's non-discrimination principle implies an obligation not only to avoid discrimination but to remediate it when detected. A fairness incident response program gives institutional form to this remediation obligation by ensuring detected discriminatory outcomes are addressed systematically with defined timelines and stakeholder notifications. The Charter's role as a fundamental rights instrument means organizations operating in EU contexts must demonstrate genuine commitment to remediation, not merely detection.",
      "normative_force": "binding-law",
      "source_version": "2012/C 326/02",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goal RS2 (Failures and remediations)",
      "fit": "direct",
      "rationale": "Microsoft's Responsible AI Standard v2 Accountability goals explicitly require organizations to maintain documented incident response procedures for AI-related harms, including fairness violations, with defined escalation paths, stakeholder notification requirements, and remediation timelines. FM-05's Fairness Incident Response Program directly satisfies these accountability requirements by mandating a documented program that classifies fairness violations, communicates to affected parties, defines investigation and remediation procedures, and establishes SLAs at each response stage. The tiered severity structure FM-05 requires is directly aligned with Microsoft RAI's escalation path requirements under the Accountability goals.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to oversight and feedback mechanisms for addressing AI harms when they occur. FM-05's Fairness Incident Response Program supplies the defined procedures — classification, affected-party communication, investigation, remediation, and regulatory reporting within SLAs — that make that commitment operational for fairness harms.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "ibm_ai_fairness",
      "requirement_id": "Bias mitigation algorithms (reweighing, adversarial debiasing, calibrated equalized odds postprocessing)",
      "fit": "partial",
      "rationale": "AIF360 implements pre-, in-, and post-processing bias mitigation algorithms — reweighing, adversarial debiasing, calibrated equalized odds postprocessing — that are the technical remediation options for detected fairness violations. FM-05 wraps these technical mitigations in a complete incident lifecycle of classification, communication, investigation, and verification, which the toolkit itself does not prescribe.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "meta_llama_rai",
      "requirement_id": "Build transparency and reporting mechanisms; Llama Acceptable Use Policy (separate document)",
      "fit": "adjacent",
      "rationale": "The Responsible Use Guide recommends reporting mechanisms so problems in deployed LLM products can be surfaced and addressed, and the Acceptable Use Policy obliges deployers not to permit prohibited discriminatory uses. FM-05's fairness incident response program supplies the structured intake, investigation, and remediation process that makes those obligations actionable when discriminatory outputs are detected.",
      "normative_force": "best-practice",
      "source_version": "2023",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/FM-05",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "The organization must have a documented fairness incident response program with defined severity tiers, response playbooks for each tier, a fairness incident register in active use, and evidence that detected fairness threshold breaches in the monitoring system are matched by incident records with complete lifecycle documentation. The control passes if all threshold breach events from the monitoring system have corresponding incident records and no incident SLAs were breached without documented exception approvals.",
    "evidence_required": [
     "Fairness incident response program document specifying severity tier definitions (Tier 1/2/3), response playbooks for each tier including notification timelines, investigation procedures, interim mitigation options, and closure criteria",
     "Fairness incident register excerpts for the trailing 12 months showing records with all required fields: detection source, affected system, affected population, severity, timeline events, investigation findings, remediation actions, and closure approval",
     "SLA adherence report showing Tier 1/2/3 incident timelines against defined SLAs for investigation initiation, affected-party notification, and regulatory notification where applicable",
     "Regulatory notification log showing all Tier 2 and Tier 3 incidents assessed for notification obligations under EU AI Act Art. 73, with legal counsel review records and submission receipts for qualifying incidents",
     "Quarterly fairness incident review meeting minutes documenting trend analysis, playbook updates based on lessons learned, and open incident status"
    ],
    "machine_tests": [
     "Trigger a fairness monitoring threshold breach in the test environment → assert an incident record is automatically created in the fairness incident register within the defined SLA with correct severity classification and linked alert ID",
     "Query the fairness incident register and cross-reference against FM-01 threshold breach alert history for the trailing 90 days → assert 100% of breach alerts have corresponding incident records with no orphaned alerts",
     "Retrieve all Tier 2 and Tier 3 incidents from the trailing 12 months → assert each has a documented legal counsel review record and, for qualifying incidents, a regulatory notification with timestamped submission proof"
    ],
    "human_review": [
     "Review fairness incident response playbooks to verify affected-party notification procedures are defined for Tier 2 and Tier 3 incidents, including communication templates and authorization requirements before external contact",
     "Assess incident register completeness by sampling closed incidents and verifying technical root cause analysis, remediation action documentation, pre/post metric validation, and closure approval are present for each",
     "Verify that quarterly fairness incident review meetings are occurring with ethics officer involvement and that lessons learned are reflected in documented playbook updates"
    ],
    "blocking_effect": "requires-review",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Managing fairness incidents through general IT incident response ticketing without a dedicated fairness severity taxonomy, causing fairness violations to be triaged as low-priority technical defects",
     "Defining incident response playbooks that omit affected-party notification procedures for Tier 2 and Tier 3 incidents, prioritizing reputation management over harm disclosure to affected individuals",
     "Closing fairness incidents based on metric threshold return to normal without technical root cause analysis, leaving the underlying cause unaddressed and subject to recurrence",
     "Not integrating fairness incident handling with legal counsel review, resulting in regulatory notification obligations under EU AI Act Art. 73 being missed or delayed beyond required windows",
     "Maintaining a fairness incident register disconnected from the monitoring alert system, creating gaps where informally acknowledged threshold breaches do not generate formal incident records"
    ],
    "update_status": "current",
    "layer_code": "FM"
   },
   {
    "id": "FM-06",
    "layer": "FM",
    "plane": "data",
    "name": "AI Performance Divergence by Demographic Group",
    "plain": "AI systems must have their performance metrics computed and tracked separately for each relevant demographic subgroup, with alerts triggered when performance gaps between groups exceed defined tolerances indicating potential bias or systematic data quality differences.",
    "threat": {
     "tags": [
      "demographic-performance-gap",
      "subgroup-accuracy-degradation",
      "data-quality-skew",
      "representation-gap"
     ],
     "desc": "Aggregate performance metrics mask subgroup-level performance failures. A model achieving 95% overall accuracy may perform at 70% accuracy for minority subgroups if those subgroups are underrepresented in training data or have systematically different feature distributions. In high-stakes domains such as medical diagnosis, criminal justice, and employment, these performance gaps translate directly to discriminatory outcomes. The harms are invisible unless performance is explicitly disaggregated by demographic dimension and monitored continuously."
    },
    "standard": [
     {
      "id": "nist_rmf",
      "section": "MEASURE 2.3",
      "title": "Subgroup performance evaluation"
     },
     {
      "id": "eu_ai_act",
      "section": "Art. 10(2)(f)",
      "title": "Training data representativeness requirements"
     },
     {
      "id": "ibm_ai_fairness",
      "section": "Disaggregated subgroup metrics",
      "title": "AIF360 disaggregated performance metrics"
     },
     {
      "id": "google_ai_principles",
      "section": "Responsible development and deployment",
      "title": "Mitigating unintended or harmful outcomes and avoiding unfair bias"
     }
    ],
    "sources": [
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/FM-06 AI Performance Divergence by Demographic Group control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "ibm_ai_fairness_360_2021",
      "title": "IBM AI Fairness 360 (AIF360)",
      "authority": "IBM Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2018",
      "published_on": "2018-09-19",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://github.com/Trusted-AI/AIF360",
      "license": "open-source-apache2",
      "status": "current",
      "flagship": false,
      "source_id": "ibm_ai_fairness_360_2021",
      "relationship": "informative_reference",
      "rationale": "Establishes IBM AI Fairness 360 (AIF360) requirements informing the apeiris://ethics/controls/FM-06 AI Performance Divergence by Demographic Group control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/FM-06 AI Performance Divergence by Demographic Group control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "meta_llama_responsible_use_2024",
      "title": "Meta Llama Responsible Use Guide",
      "authority": "Meta Platforms, Inc.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2023",
      "published_on": "2023-07-18",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.llama.com/responsible-use-guide/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "meta_llama_responsible_use_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes Meta Llama Responsible Use Guide requirements informing the apeiris://ethics/controls/FM-06 AI Performance Divergence by Demographic Group control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Instrument the AI system's scoring and output pipeline to tag each prediction with available demographic context, using privacy-compliant proxies where direct demographic data is unavailable. Compute standard performance metrics disaggregated by each demographic dimension on a defined schedule. Store disaggregated metrics in the fairness time-series store alongside aggregate metrics. Alert when within-metric performance gaps exceed configured thresholds.",
     "steps": [
      "Map the demographic dimensions relevant to each AI system and determine which are available directly in the data pipeline versus which require privacy-compliant proxy estimation techniques.",
      "Define the performance metric suite to be disaggregated: task-appropriate metrics — accuracy, precision, recall, F1 for classifiers; RMSE, MAE for regressors; NDCG for rankers — plus calibration by group.",
      "Implement disaggregated metric computation in the monitoring pipeline, storing per-subgroup metrics alongside aggregate metrics with sample counts and confidence intervals for each subgroup.",
      "Configure performance gap alerts: define maximum acceptable performance difference between highest- and lowest-performing demographic subgroups for each metric, with tighter thresholds for high-risk decision contexts.",
      "Implement a demographic coverage report that tracks subgroup sample sizes over time and alerts when any subgroup falls below the minimum sample size required for statistically valid metric computation."
     ],
     "ethics_officer": {
      "summary": "Disaggregated performance monitoring makes visible the unequal distribution of AI system errors across demographic groups. This visibility is foundational to making ethically defensible deployment decisions.",
      "actions": [
       "Require disaggregated performance reports for all AI systems as a prerequisite for deployment approval in high-risk contexts.",
       "Establish policy on maximum acceptable performance gaps between demographic groups for each system class.",
       "Review disaggregated performance trends in monthly monitoring reviews and escalate widening gaps as fairness incidents."
      ],
      "failure_signals": [
       "High-risk AI systems with performance evaluated only at aggregate level.",
       "Performance gap thresholds not defined for any in-scope AI system.",
       "Widening demographic performance gaps not escalated as fairness incidents."
      ]
     },
     "data_scientist": {
      "summary": "Disaggregated performance analysis requires careful handling of small subgroup sample sizes, feature representation gaps, and the choice of appropriate metrics for each task type.",
      "actions": [
       "Implement the disaggregated metric pipeline with explicit confidence interval computation and flagging of subgroups below minimum sample size thresholds.",
       "Investigate identified performance gaps to determine root cause: underrepresentation in training data, feature quality differences, label quality differences, or distribution shift.",
       "Apply appropriate techniques — oversampling, reweighting, data augmentation, group-specific calibration — to address identified performance gaps and validate improvements through monitoring."
      ],
      "failure_signals": [
       "Performance gaps identified in monitoring not investigated to root cause.",
       "Small subgroup performance metrics reported without confidence intervals or sample size context.",
       "Root cause investigations not documented in incident records."
      ]
     },
     "grc_auditor": {
      "summary": "Disaggregated performance records provide direct evidence of whether the organization's AI systems produce equitable outcomes across demographic groups. This evidence is central to regulatory compliance demonstrations.",
      "actions": [
       "Audit disaggregated performance records for completeness and verify that all relevant demographic dimensions are tracked.",
       "Sample performance gap alert history and verify alerts were generated correctly when gap thresholds were breached.",
       "Verify that identified performance gaps are linked to incident records with appropriate remediation actions."
      ],
      "metrics": [
       "Percentage of in-scope AI systems with disaggregated performance monitoring active: target 100%.",
       "Subgroup coverage rate (percentage of relevant demographic dimensions tracked per system): target 100%.",
       "Performance gap alerts correlated to incident records: target 100%."
      ],
      "failure_signals": [
       "AI systems with only aggregate performance metrics in monitoring records.",
       "Performance gap alerts not correlated to incident records.",
       "Demographic dimensions relevant to the decision context not included in disaggregation."
      ]
     },
     "business_stakeholder": {
      "summary": "Performance gaps across demographic groups create both ethical obligations and business risk. Customers and regulators expect consistent performance regardless of demographic background.",
      "actions": [
       "Include demographic performance gap metrics in AI system business performance dashboards.",
       "Establish business-level tolerance thresholds for performance gaps that are at least as stringent as the technical monitoring thresholds.",
       "Include performance gap status in senior leadership AI governance reporting."
      ],
      "failure_signals": [
       "Business performance dashboards showing only aggregate AI performance metrics.",
       "Business tolerance thresholds for performance gaps more lenient than technical thresholds.",
       "Performance gap trends not included in senior leadership AI governance reporting."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Aggregate-only performance reporting is the norm in most organizations. Systematic disaggregated monitoring is an advanced practice beginning to emerge as a regulatory expectation."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "cloud-native"
    ],
    "implementers": [
     "Data Science / ML Engineering",
     "AI Ethics Office",
     "Platform Engineering"
    ],
    "frameworks": [
     {
      "framework": "nist_rmf",
      "requirement_id": "MEASURE 2.3",
      "fit": "direct",
      "rationale": "NIST AI RMF MEASURE 2.3 requires that AI system performance be evaluated across relevant demographic subgroups, not only at the aggregate level. This control directly implements that measurement requirement by defining a systematic disaggregated performance monitoring protocol for production systems. NIST explicitly notes that aggregate performance metrics can mask significant subgroup-level failures, making disaggregated evaluation essential for trustworthy AI.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 10(2)(f)",
      "fit": "direct",
      "rationale": "EU AI Act Art. 10(2)(f) requires that training data for high-risk AI systems be examined for possible biases that could affect health, safety, or fundamental rights, with data gaps addressed. Disaggregated performance monitoring extends this examination to production by detecting whether representation gaps in training data are manifesting as performance disparities in deployment. EU notified bodies expect to see evidence of ongoing subgroup performance evaluation as part of conformity assessments.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "ibm_ai_fairness",
      "requirement_id": "Disaggregated (subgroup) performance metrics",
      "fit": "direct",
      "rationale": "AIF360 computes metrics disaggregated by specified subgroups, providing validated implementations for the per-group performance evaluation FM-06 requires. Continuous use in production means scheduling batch metric runs per monitoring cycle; the toolkit itself is a library, not a monitoring service.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — mitigating unintended or harmful outcomes and avoiding unfair bias",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to testing and monitoring across the people AI serves, avoiding unfair bias. FM-06's disaggregated performance monitoring extends pre-deployment testing into continuous production surveillance by demographic subgroup, consistent with the disaggregated reporting popularized by Google's model cards work.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "un_ethics_ai",
      "requirement_id": "¶28–¶30 (Fairness and non-discrimination)",
      "fit": "partial",
      "rationale": "UNESCO Recommendation ¶28–30 call for AI systems that do not perpetuate or amplify existing inequalities. Disaggregated performance monitoring fulfills the verification side of this expectation by providing ongoing visibility into whether AI systems produce equal-quality outcomes across demographic groups.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goal F1 (Quality of service — disaggregated evaluation)",
      "fit": "direct",
      "rationale": "Microsoft's Responsible AI Standard v2 Fairness goals explicitly require that AI system performance be measured and tracked disaggregated by demographic subgroup, with defined tolerances for acceptable performance gaps that trigger review when exceeded. FM-06's AI Performance Divergence by Demographic Group directly implements this requirement by mandating computation and tracking of performance metrics separately for each relevant demographic subgroup, with alerts triggered when gaps between subgroups exceed defined tolerances. The subgroup-level performance monitoring in FM-06 satisfies Microsoft RAI's fairness goal for demographic performance parity.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "meta_llama_rai",
      "requirement_id": "Model-level alignment — Evaluate and improve performance",
      "fit": "partial",
      "rationale": "The Responsible Use Guide's evaluation guidance recommends assessing model performance across use cases and user populations and improving where evaluations reveal gaps. FM-06's disaggregated performance monitoring makes that assessment systematic and continuous in production, alerting when subgroup performance divergence indicates bias or data-quality issues.",
      "normative_force": "best-practice",
      "source_version": "2023",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/FM-06",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "Performance metrics for every in-scope AI system must be computed and stored separately for each relevant demographic subgroup on the defined monitoring schedule, with alerts configured to trigger when the gap between the best-performing and worst-performing subgroup exceeds the defined tolerance for any metric. The control passes if no AI system's monitoring records contain only aggregate performance metrics, and all performance gap alerts have corresponding fairness incident records.",
    "evidence_required": [
     "Disaggregated performance metric records for each AI system showing per-subgroup values for all relevant metrics with sample counts and 95% confidence intervals per subgroup",
     "Demographic coverage configuration showing which dimensions are tracked per system, with documented rationale for any dimension excluded despite relevance to the decision context",
     "Performance gap alert history for the trailing monitoring period showing all events where between-group gaps exceeded defined thresholds, with timestamps, gap magnitude, and linked incident records",
     "Subgroup sample size monitoring records showing minimum sample size threshold compliance alerts for each demographic dimension, preventing statistically invalid metric computation",
     "Fairness metric time-series showing per-subgroup performance trends over at least the trailing 6 monitoring cycles to detect gradual divergence"
    ],
    "machine_tests": [
     "Query the monitoring database for all in-scope AI systems → assert 100% have disaggregated performance records with per-subgroup metrics and confidence intervals, with zero systems having only aggregate metrics",
     "Inject synthetic inference batch where demographic group A achieves 95% accuracy and group B achieves 72% accuracy, exceeding the defined gap tolerance → assert a performance gap alert is triggered and linked to a fairness incident record within the defined SLA",
     "Query subgroup sample size records for the trailing month → assert any subgroup falling below the minimum statistical validity threshold generated a coverage alert with documented response action",
     "Retrieve disaggregated metric records for the trailing 6 monitoring cycles → assert widening gaps with statistically significant trend slopes were escalated as fairness incidents"
    ],
    "human_review": [
     "Review the demographic dimension coverage configuration for each in-scope AI system to verify that all dimensions relevant to the decision context are tracked and that exclusions are documented with substantiated rationale",
     "Assess root cause analysis documentation for identified performance gaps to confirm whether the cause was attributed to training data underrepresentation, feature quality differences, label noise, or distribution shift, with remediation plans documented for each",
     "Verify that disaggregated performance reports for high-risk AI systems were reviewed and signed off by the ethics officer as a prerequisite for deployment approval"
    ],
    "blocking_effect": "advisory",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Reporting only aggregate performance metrics in model cards, monitoring dashboards, and governance reviews while acknowledging awareness of subgroup performance differences without systematic measurement",
     "Monitoring performance gaps for legally mandated protected characteristics only, excluding correlated proxy attributes that produce equivalent disparate impact",
     "Setting identical performance gap thresholds across all AI systems regardless of decision consequence severity, giving high-risk decisions the same tolerance as low-stakes recommendations",
     "Treating small subgroup sample sizes as a sufficient justification to exclude demographic dimensions from performance monitoring rather than as a finding requiring training data collection improvement",
     "Routing disaggregated performance gap alerts to general monitoring dashboards without requiring incident records, allowing identified disparities to remain unaddressed without documented escalation"
    ],
    "update_status": "current",
    "layer_code": "FM"
   },
   {
    "id": "FM-07",
    "layer": "FM",
    "plane": "control",
    "name": "Fairness Monitoring Audit Trail",
    "plain": "All fairness monitoring activities — metric computations, threshold evaluations, alert events, manual overrides, configuration changes, and governance review actions — must be logged to a tamper-evident, append-only audit trail with cryptographic hash-chain integrity protection and defined retention.",
    "threat": {
     "tags": [
      "audit-trail-manipulation",
      "monitoring-evidence-gap",
      "governance-accountability-failure",
      "tamper-risk"
     ],
     "desc": "Without a tamper-evident audit trail, organizations cannot demonstrate to regulators or courts that their fairness monitoring program operated as documented. Monitoring logs can be deleted, backdated, or modified to conceal threshold breaches that were not acted upon. In regulatory proceedings, the absence of a reliable audit trail shifts presumptions of liability and prevents the organization from mounting evidence-based defenses against discrimination claims."
    },
    "standard": [
     {
      "id": "eu_ai_act",
      "section": "Art. 12",
      "title": "Logging requirements for high-risk AI systems"
     },
     {
      "id": "iso_42001",
      "section": "§9.1",
      "title": "Documented evidence of monitoring activities"
     },
     {
      "id": "nist_rmf",
      "section": "GOVERN 4.2",
      "title": "AI risk management documentation and traceability"
     },
     {
      "id": "acm_ethics",
      "section": "§2.5",
      "title": "Comprehensive evaluations — documentation supporting review"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/FM-07 Fairness Monitoring Audit Trail control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/FM-07 Fairness Monitoring Audit Trail control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Deploy a dedicated fairness monitoring log store with append-only write semantics, cryptographic hash chaining where each log entry includes the SHA-256 hash of the previous entry, and periodic Merkle tree root publication to an external verifiable reference point. Log entries are signed with the identity of the generating process or user. Unauthorized modification of any log entry invalidates all subsequent entries' hash chains.",
     "steps": [
      "Define the fairness monitoring log entry schema: timestamp (UTC), event type (metric_computation, threshold_evaluation, alert_triggered, alert_acknowledged, configuration_change, governance_review, manual_override), actor identity, affected system ID, metric values or summary, threshold values, and narrative for governance events.",
      "Deploy an append-only log store — immutable cloud storage with object lock, WORM-compliant storage, or a dedicated audit log service — with write access restricted to monitoring pipeline service accounts and audit event emitters.",
      "Implement hash-chain integrity protection: each log entry includes a SHA-256 hash of the previous entry's content, forming a chain where any modification to a past entry is detectable by chain validation.",
      "Configure all FM-layer components (FM-01 through FM-06) to emit structured log events to the audit trail for every monitoring action within their scope.",
      "Implement a log integrity verification job that runs daily, alerts on any hash-chain validation failure, and publishes a signed integrity report to the governance dashboard."
     ],
     "ethics_officer": {
      "summary": "The audit trail is the evidentiary foundation for demonstrating that the fairness monitoring program operated with integrity. You must ensure the audit trail captures all governance-relevant actions with sufficient context for regulatory and legal use.",
      "actions": [
       "Approve the audit trail schema and verify that governance review actions are logged with sufficient narrative to support third-party review.",
       "Require log integrity verification reports as part of quarterly governance reviews.",
       "Ensure audit trail retention policy aligns with the longest applicable regulatory retention requirement."
      ],
      "failure_signals": [
       "Governance review actions not captured in the audit trail.",
       "Audit trail integrity verification not performed on the defined schedule.",
       "Audit trail retention period shorter than the applicable regulatory retention requirement."
      ]
     },
     "data_scientist": {
      "summary": "You are responsible for implementing audit trail emission throughout the monitoring pipeline, ensuring every metric computation and threshold evaluation is captured with sufficient technical metadata for independent reconstruction.",
      "actions": [
       "Instrument all fairness metric computation jobs to emit structured log events with computation metadata: tool version, dataset version hash, sample counts, computed values, and confidence intervals.",
       "Implement hash-chain generation and verification in the audit log writer component with unit tests verifying chain integrity.",
       "Provide a log replay capability that can reconstruct the complete monitoring history from the audit trail for any time window, useful for investigation and audit support."
      ],
      "failure_signals": [
       "Metric computation jobs not emitting structured audit events.",
       "Hash-chain validation failures not alerting correctly.",
       "Log replay capability not tested or documented."
      ]
     },
     "grc_auditor": {
      "summary": "The tamper-evident audit trail is the primary evidence artifact for demonstrating monitoring program integrity to external auditors and regulators. You must verify completeness, integrity, and regulatory compliance of the trail.",
      "actions": [
       "Perform independent hash-chain verification on a sample of audit trail segments at each audit cycle.",
       "Verify that all event types defined in the schema are represented in the audit trail and that no coverage gaps exist relative to monitoring system records.",
       "Confirm that audit trail retention, access controls, and export capabilities meet applicable regulatory requirements."
      ],
      "metrics": [
       "Audit trail coverage rate (percentage of monitoring events with corresponding log entries): target 100%.",
       "Hash-chain integrity verification success rate: target 100%.",
       "Audit trail availability SLA: target 99.9%."
      ],
      "failure_signals": [
       "Hash-chain validation failures not investigated and resolved within 24 hours.",
       "Monitoring events found in other system logs that are absent from the audit trail.",
       "Audit trail access logs showing unauthorized read or write attempts."
      ]
     },
     "legal_counsel": {
      "summary": "The audit trail must be preserved in a form admissible as evidence in regulatory proceedings and litigation. You must advise on retention requirements, chain-of-custody, and privilege considerations.",
      "actions": [
       "Advise on audit trail retention period requirements under applicable law — EU AI Act, anti-discrimination statutes, sector-specific requirements — and ensure retention policy reflects the longest applicable requirement.",
       "Establish legal hold procedures that preserve audit trail segments when fairness incidents escalate to potential litigation.",
       "Review audit trail format and integrity mechanisms for admissibility as electronic evidence in applicable jurisdictions."
      ],
      "failure_signals": [
       "Audit trail retention period not reviewed against applicable regulatory requirements.",
       "Legal hold procedures not defined for fairness-related audit trail segments.",
       "Audit trail format not reviewed for electronic evidence admissibility requirements."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Tamper-evident audit trails for AI fairness monitoring are rare. Most organizations rely on conventional application logs without integrity protection, formal retention management, or chain-of-custody controls."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise",
     "cloud-native"
    ],
    "implementers": [
     "Platform Engineering",
     "Data Science / ML Engineering",
     "GRC / Internal Audit",
     "Legal / Compliance"
    ],
    "frameworks": [
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 12",
      "fit": "direct",
      "rationale": "EU AI Act Article 12 requires that high-risk AI systems incorporate automatic logging capabilities that enable monitoring of system operation throughout its lifetime, and that logs be accessible to competent authorities. A tamper-evident audit trail directly fulfills this requirement by providing a complete, integrity-protected record of all monitoring activities. EU enforcement guidance indicates that logging systems must be designed to prevent unauthorized modification of records, aligning with the hash-chain integrity approach specified in this control.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§9.1",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 clause 9.1 requires organizations to retain documented information as evidence of AI system monitoring and evaluation results. A tamper-evident audit trail provides the required documented information in a form that satisfies the integrity requirements of an ISO 42001 certification audit. Auditors will specifically look for evidence that monitoring records cannot be modified after the fact as a key conformity indicator.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "GOVERN 4.2",
      "fit": "direct",
      "rationale": "NIST AI RMF GOVERN 4.2 requires that organizational teams document AI risks and impacts in support of accountability. A tamper-evident audit trail provides that documentation in a form that supports retrospective review, maintaining an unalterable record of monitoring decisions and actions.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "acm_ethics",
      "requirement_id": "§2.5",
      "fit": "partial",
      "rationale": "ACM Code of Ethics §2.5 requires computing professionals to give comprehensive and thorough evaluations of computer systems and their impacts. A tamper-evident audit trail creates the evidentiary foundation for such evaluation and review by preserving a complete, verifiable record of all fairness monitoring actions.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goal RS3 (Ongoing monitoring, feedback, and evaluation)",
      "fit": "partial",
      "rationale": "Microsoft's Responsible AI Standard v2 Goal RS3 (ongoing monitoring, feedback, and evaluation) requires teams to maintain records of AI system monitoring activities that support accountability review. Tamper-evident logging directly implements this accountability documentation requirement. Microsoft's guidance on audit trails for AI systems emphasizes the importance of integrity protection and retention management for regulatory compliance and internal governance.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to oversight and due diligence that can support external review. FM-07's tamper-evident, hash-chained audit trail of fairness monitoring activity gives that commitment technical enforceability, ensuring monitoring records are reliable evidence rather than modifiable logs.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/FM-07",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "All fairness monitoring events — metric computations, threshold evaluations, alert triggers, alert acknowledgments, configuration changes, governance review actions, and manual overrides — must be logged to an append-only store with SHA-256 hash-chain integrity, with daily integrity verification confirming no chain validation failures. The control passes if every monitoring event in FM-layer system records has a corresponding audit log entry, and the hash chain covering the full retention period validates without error.",
    "evidence_required": [
     "Audit trail integrity verification reports for the trailing 30 days confirming SHA-256 hash-chain validation success for all entries, with timestamps, signing identity, and Merkle root publication records",
     "Audit trail coverage reconciliation report showing percentage of monitoring events from FM-01 through FM-06 with corresponding log entries, with any coverage gaps identified and root-cause documented",
     "Append-only storage configuration attestation showing object lock, WORM compliance, or equivalent immutability controls enabled for the audit log store, with write access restricted to authorized service accounts",
     "Log retention policy document specifying retention period for each event category aligned to the longest applicable regulatory requirement, with storage lifecycle rules configured to enforce the policy",
     "Access control audit showing read and write permissions for the audit trail store with unauthorized access attempt alerts configured and no unauthorized access in the trailing period"
    ],
    "machine_tests": [
     "Attempt to modify a historical audit log entry directly in the log store → assert the immutable storage layer rejects the write and a tamper-attempt alert is generated within 60 seconds",
     "Run the hash-chain validation job against the full audit trail → assert zero chain breaks across all entries and the validation completion record is signed by the designated verification identity",
     "Trigger a fairness metric computation event → assert a corresponding structured log entry appears in the audit trail within 60 seconds with all required fields: timestamp, event_type, actor_identity, system_id, metric_values, and prev_entry_hash",
     "Query the audit trail for all governance_review event types from the trailing 90 days → assert each ethics officer review action has a corresponding log entry with narrative field populated and reviewer identity confirmed"
    ],
    "human_review": [
     "Perform independent hash-chain verification on a randomly selected 10% sample of audit trail segments from the trailing monitoring period using a verification method independent of the production verification job",
     "Assess audit trail retention policy alignment against the longest applicable regulatory requirement across all jurisdictions in which monitored AI systems operate, with documented legal counsel sign-off",
     "Review the audit trail schema to verify that governance review, manual override, and configuration change events include sufficient narrative context for a third-party regulator to understand the action taken and its authorization"
    ],
    "blocking_effect": "advisory",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Storing fairness monitoring logs in mutable application log stores such as standard database tables with UPDATE privileges or overwritable log files, enabling retroactive modification without detection",
     "Implementing hash-chain integrity protection on metric computation events but not on governance review, manual override, and configuration change events, leaving the most governance-sensitive entries unprotected",
     "Running hash-chain validation only on demand or at audit time rather than daily, allowing the detection window for a chain break to span months of undetected tampering",
     "Defining audit trail retention periods based on storage cost rather than the longest applicable regulatory requirement, resulting in logs that cannot support regulatory inquiries covering the full statutory period",
     "Granting broad write access to the audit log store to all monitoring pipeline engineers rather than restricting writes to designated service accounts, undermining the append-only integrity the log store is meant to provide"
    ],
    "update_status": "current",
    "layer_code": "FM"
   },
   {
    "id": "FM-08",
    "layer": "FM",
    "plane": "both",
    "name": "Fairness Monitoring Evidence Package",
    "plain": "Organizations must compile a Fairness Monitoring Evidence Package for each AI system that aggregates evidence from FM-01 through FM-07, demonstrating that production fairness is systematically monitored, thresholds are enforced, incidents are responded to, and audit trails are maintained.",
    "threat": {
     "tags": [
      "evidence-gap",
      "compliance-assertion-failure",
      "audit-readiness-failure",
      "regulatory-exposure"
     ],
     "desc": "Without a compiled evidence package, compliance with fairness monitoring requirements cannot be efficiently demonstrated to regulators, auditors, or in legal proceedings. Organizations with mature monitoring practices but poorly assembled evidence may be treated as non-compliant during audits, while poorly structured evidence packages make it impossible to verify that monitoring actually occurred. The evidence package disciplines the entire FM layer by requiring that each control produce verifiable artifacts suitable for external scrutiny."
    },
    "standard": [
     {
      "id": "eu_ai_act",
      "section": "Art. 11",
      "title": "Technical documentation requirements"
     },
     {
      "id": "iso_42001",
      "section": "§9.3",
      "title": "Management review and evidence compilation"
     },
     {
      "id": "nist_rmf",
      "section": "MEASURE 2.11",
      "title": "Demonstrated fairness evaluation results and evidence"
     },
     {
      "id": "ieee_7000",
      "section": "Clause 10",
      "title": "Ethical risk-based design documentation and review"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/FM-08 Fairness Monitoring Evidence Package control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/FM-08 Fairness Monitoring Evidence Package control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "anthropic_rsp_2024",
      "title": "Anthropic Responsible Scaling Policy v3.3",
      "authority": "Anthropic, PBC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "3.3",
      "published_on": "2026-05-26",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.anthropic.com/responsible-scaling-policy",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "anthropic_rsp",
      "relationship": "informative_reference",
      "rationale": "Establishes Anthropic Responsible Scaling Policy v3.3 requirements informing the apeiris://ethics/controls/FM-08 Fairness Monitoring Evidence Package control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "meta_llama_responsible_use_2024",
      "title": "Meta Llama Responsible Use Guide",
      "authority": "Meta Platforms, Inc.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2023",
      "published_on": "2023-07-18",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.llama.com/responsible-use-guide/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "meta_llama_responsible_use_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes Meta Llama Responsible Use Guide requirements informing the apeiris://ethics/controls/FM-08 Fairness Monitoring Evidence Package control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Define a standardized Fairness Monitoring Evidence Package template specifying required artifacts from each FM control. Automate evidence collection by configuring each FM control's outputs to be tagged for evidence package inclusion. Generate packages on a defined review cadence and upon triggering events. Store packages with version control, access control, and defined retention aligned to the longest applicable regulatory requirement.",
     "steps": [
      "Define the evidence package template specifying required artifacts from each FM control: monitoring configuration records (FM-01), threshold governance registry entries (FM-02), fairness metric time-series excerpts (FM-03), feedback loop maps and monitoring results (FM-04), incident register excerpts (FM-05), disaggregated performance records (FM-06), and audit trail integrity verification reports (FM-07).",
      "Implement an evidence collection automation workflow that pulls required artifacts from each FM control's data stores on the review cadence schedule and assembles them into a structured, indexed evidence package.",
      "Define the evidence package review procedure: ethics officer review for completeness, legal counsel review for regulatory sufficiency, GRC auditor sign-off on artifact integrity, and executive sponsor acknowledgment.",
      "Establish triggering events that generate out-of-cycle evidence packages: AI system deployment, significant change, Tier 2 or Tier 3 fairness incident, regulatory inquiry, and contractual requirement.",
      "Store evidence packages in a version-controlled, access-controlled repository with defined retention — minimum 7 years for EU AI Act compliance — and the ability to produce packages for external disclosure under confidentiality controls."
     ],
     "ethics_officer": {
      "summary": "The evidence package is the culminating artifact of the FM layer. Your review and attestation on each package certifies that the fairness monitoring program operated as designed and that any identified issues were appropriately addressed.",
      "actions": [
       "Review each evidence package for completeness against the defined template and remediate gaps before package finalization.",
       "Sign the evidence package attestation statement confirming that to the best of your knowledge the monitoring program operated as described.",
       "Use the evidence package compilation process as a quality review of the entire FM layer to identify systemic weaknesses in monitoring coverage or incident response."
      ],
      "failure_signals": [
       "Evidence packages produced without ethics officer review and attestation.",
       "Evidence package gaps not documented and remediated before finalization.",
       "Evidence package review not used to identify and address systemic FM layer weaknesses."
      ]
     },
     "legal_counsel": {
      "summary": "The evidence package must satisfy regulatory technical documentation requirements and be suitable for production in regulatory inquiries and litigation. You must review each package for regulatory sufficiency and disclosure readiness.",
      "actions": [
       "Review evidence packages against the technical documentation requirements of applicable regulations — EU AI Act Art. 11, sector-specific requirements — and identify gaps requiring remediation.",
       "Advise on evidence package classification and access controls to balance transparency obligations with legal privilege and commercial confidentiality.",
       "Maintain a regulatory submission-ready version of each evidence package that has been reviewed for privilege and external disclosure suitability."
      ],
      "failure_signals": [
       "Evidence packages not reviewed against applicable regulatory technical documentation requirements.",
       "Regulatory submission-ready package versions not maintained.",
       "Privilege and confidentiality review absent from the evidence package production process."
      ]
     },
     "data_scientist": {
      "summary": "You are responsible for the technical quality of the metric and monitoring artifacts included in the evidence package. Artifacts must be technically accurate and include sufficient metadata for independent verification.",
      "actions": [
       "Review metric computation artifacts for completeness of metadata — tool version, dataset hash, computation parameters, confidence intervals — before evidence package inclusion.",
       "Validate that fairness metric time-series excerpts in the evidence package are consistent with the full monitoring database records.",
       "Provide plain-language technical summaries for each metric artifact that explain the methodology, results, and significance for non-technical reviewers."
      ],
      "failure_signals": [
       "Metric artifacts in evidence packages lacking computation metadata.",
       "Discrepancies between evidence package excerpts and source monitoring database records.",
       "Technical artifacts without plain-language summaries for non-technical reviewers."
      ]
     },
     "grc_auditor": {
      "summary": "The evidence package is the primary audit artifact for the FM layer. You must verify that packages are complete, artifacts are authentic, and the attestation process followed the defined procedure.",
      "actions": [
       "Audit evidence packages against the defined template and verify that all required artifact types are present and complete.",
       "Perform independent integrity checks on sampled artifacts by cross-referencing against source systems.",
       "Verify that the evidence package review and attestation procedure was followed, including documentation of all reviewer approvals."
      ],
      "metrics": [
       "Evidence package completeness rate (all required artifact types present): target 100%.",
       "Evidence package generation on defined cadence: target 100%.",
       "Artifact integrity check pass rate on audited samples: target 100%.",
       "Evidence package review procedure adherence: target 100%."
      ],
      "failure_signals": [
       "Evidence packages with missing required artifact types.",
       "Artifacts in evidence packages that cannot be cross-referenced to source systems.",
       "Evidence package attestation signatures missing or not traceable to authorized reviewers."
      ]
     },
     "business_stakeholder": {
      "summary": "The evidence package provides business leadership with a consolidated view of the fairness monitoring posture for AI systems in their domain, enabling informed governance decisions and regulatory response readiness.",
      "actions": [
       "Request evidence package executive summaries for AI systems in your business domain and review them in the AI governance cycle.",
       "Provide business context attestation for evidence packages covering AI systems in your domain, confirming that business-side monitoring obligations were met.",
       "Use evidence package gap findings to drive investment in monitoring program improvements."
      ],
      "failure_signals": [
       "Business leadership not reviewing evidence package executive summaries in the governance cycle.",
       "Business-side monitoring obligations not documented in evidence packages.",
       "Evidence package gap findings not driving investment in monitoring program improvements."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "managed",
     "notes": "Structured evidence packages for AI fairness monitoring are an emerging practice. Most organizations cannot produce such packages on demand for regulatory inquiries, exposing them to enforcement risk."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise",
     "cloud-native"
    ],
    "implementers": [
     "AI Ethics Office",
     "GRC / Internal Audit",
     "Legal / Compliance",
     "Data Science / ML Engineering"
    ],
    "frameworks": [
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 11",
      "fit": "direct",
      "rationale": "EU AI Act Article 11 requires providers of high-risk AI systems to maintain comprehensive technical documentation demonstrating conformity with the Act's requirements, including fairness and bias monitoring provisions. The Fairness Monitoring Evidence Package directly fulfills this technical documentation requirement by compiling the evidence generated by FM-01 through FM-07 into a structured, auditable record. EU notified bodies conducting conformity assessments will expect a package substantially equivalent to this control's output.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "iso_42001",
      "requirement_id": "§9.3",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 clause 9.3 requires management review of the AI management system, including review of performance against ethical objectives. The evidence package provides the documentation required for this management review by compiling monitoring results, incident records, and audit trail summaries. ISO 42001 certification auditors will examine management review records, and the evidence package directly supports the review documentation requirement.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "MEASURE 2.11",
      "fit": "direct",
      "rationale": "NIST AI RMF MEASURE 2.11 requires that fairness and bias are evaluated and that results are demonstrated. The compiled FM evidence package is the demonstration artifact — aggregating monitoring records, threshold governance decisions, and incident history into reviewable proof that fairness evaluation is operating as documented.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "Clause 10 (Ethical risk-based design)",
      "fit": "partial",
      "rationale": "IEEE 7000-2021 clause 10's ethical risk-based design process produces documented risk treatment decisions and rationale. The evidence package extends that documentation discipline into the fairness monitoring phase, providing a structured record reviewable at each governance milestone.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.5",
      "fit": "partial",
      "rationale": "OECD AI Principle 1.5 on accountability requires that AI actors be accountable for AI systems functioning in accordance with the other principles, including through mechanisms for human oversight. A compiled evidence package directly supports this accountability requirement by creating a verifiable record demonstrating that fairness monitoring obligations were met. The OECD's 2024 updated guidelines specifically identify documentation and evidence as core components of AI accountability frameworks.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "acm_ethics",
      "requirement_id": "§2.5",
      "fit": "adjacent",
      "rationale": "ACM Code of Ethics §2.5 requires comprehensive and thorough evaluations of computer systems and their impacts, which supports documenting those evaluations for review. The evidence package implements this at the organizational level by compiling evaluation records spanning the entire FM layer.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goals A1–A5 (Accountability); Goal A1 (Impact assessment)",
      "fit": "direct",
      "rationale": "Microsoft's Responsible AI Standard v2 Accountability goals and Impact assessment requirements explicitly require organizations to compile and maintain comprehensive documentation packages demonstrating that AI governance activities — including fairness monitoring, incident response, and audit trails — are operating as committed. FM-08's Fairness Monitoring Evidence Package directly implements this requirement by mandating compilation of evidence from FM-01 through FM-07 into a structured package demonstrating that production fairness is systematically monitored, thresholds enforced, incidents responded to, and audit trails maintained. FM-08 gives Microsoft's accountability goals a defined artifact — the evidence package — that auditors and oversight bodies can review to assess compliance.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to due diligence that is demonstrable rather than merely asserted. FM-08's compiled Fairness Monitoring Evidence Package aggregates FM-layer records into an auditable package suitable for regulatory and audit review — the demonstrability layer for fairness governance.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "anthropic_rsp",
      "requirement_id": "Governance and Transparency — Risk Reports",
      "fit": "partial",
      "rationale": "RSP v3.3 requires Anthropic to maintain documented Risk Reports and governance records demonstrating that its safety commitments are met in practice, with oversight from the Responsible Scaling Officer. FM-08's Fairness Monitoring Evidence Package applies the same compiled-evidence discipline to deployer fairness governance, aggregating FM-layer records into a package that withstands external scrutiny.",
      "normative_force": "best-practice",
      "source_version": "3.3",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "meta_llama_rai",
      "requirement_id": "Build transparency and reporting mechanisms",
      "fit": "adjacent",
      "rationale": "The Responsible Use Guide recommends transparency and reporting mechanisms, and Meta documents Llama safety evaluations publicly — an industry practice of making safety evidence reviewable. FM-08's Fairness Monitoring Evidence Package applies the same evidence-compilation discipline to deployer fairness governance, aggregating FM-layer records into an auditable package.",
      "normative_force": "best-practice",
      "source_version": "2023",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/FM-08",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "A current Fairness Monitoring Evidence Package must exist for each in-scope AI system, compiled from FM-01 through FM-07 artifacts, reviewed and attested by the ethics officer and legal counsel, and generated on the defined cadence or upon qualifying trigger events. The control passes if all required artifact types are present and complete, all reviewer attestations are signed, and the package can be produced to a regulator within the defined response window without gaps.",
    "evidence_required": [
     "Fairness Monitoring Evidence Package for each in-scope AI system containing indexed artifacts from FM-01 through FM-07, with ethics officer attestation, legal counsel regulatory-sufficiency review, GRC auditor integrity sign-off, and executive sponsor acknowledgment",
     "Evidence package generation log showing all packages produced in the trailing 12 months including cadence packages and trigger-event packages for deployment, significant change, Tier 2/3 incident, and regulatory inquiry events",
     "Evidence package template document specifying required artifact types from each FM control, minimum completeness criteria for each artifact, and reviewer authorization chain",
     "Regulatory submission-ready package version with privilege review records showing legal counsel assessment of confidentiality classification and external disclosure suitability",
     "Evidence package gap log documenting any missing artifacts with remediation actions and timelines, confirming gaps were resolved before finalization or documented as accepted risk with ethics officer approval"
    ],
    "machine_tests": [
     "Query the evidence package repository for all in-scope AI systems → assert each has a package generated within the defined cadence window with zero systems having no package on record",
     "Parse the most recent evidence package for each in-scope AI system → assert all required artifact types from FM-01 through FM-07 are present and each artifact has required metadata fields: system_id, artifact_type, source_control, generated_at",
     "Retrieve evidence package review records → assert each package has signed attestation from all required reviewers (ethics officer, legal counsel, GRC auditor, executive sponsor) with timestamps within the defined review window",
     "Simulate a qualifying trigger event (Tier 3 incident) in a test environment → assert an out-of-cycle evidence package compilation is initiated within the defined trigger-response SLA"
    ],
    "human_review": [
     "Review evidence packages for completeness against the defined template, assessing whether artifact quality meets regulatory sufficiency for EU AI Act Art. 11 conformity assessment review, not merely artifact presence",
     "Assess the evidence package generation cadence against applicable triggering events to verify out-of-cycle packages were produced for all qualifying events with no missed triggers",
     "Verify that regulatory submission-ready package versions are maintained with current confidentiality classifications and that legal counsel privilege review was conducted within the past review cycle"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Assembling evidence packages manually on demand for regulatory inquiries by gathering documents from individual teams rather than automating compilation from FM-layer artifact stores, resulting in incomplete and inconsistent packages",
     "Including metric excerpts and monitoring records in evidence packages without the computation metadata needed for independent verification, such as tool version, dataset hash, sample counts, and confidence intervals",
     "Treating the evidence package as a one-time pre-deployment deliverable rather than a recurring artifact maintained throughout the system's operational life, leaving post-deployment monitoring evidence uncollected",
     "Compiling evidence packages without legal counsel regulatory-sufficiency review, resulting in packages that satisfy internal governance expectations but cannot withstand EU AI Act Art. 11 technical documentation scrutiny",
     "Generating evidence packages at fixed quarterly intervals only without trigger-based generation for deployments, Tier 2/3 incidents, or regulatory inquiries, creating evidence gaps precisely when scrutiny is highest"
    ],
    "update_status": "current",
    "layer_code": "FM"
   },
   {
    "id": "EG-01",
    "layer": "EG",
    "plane": "control",
    "name": "Ethics Governance Structure",
    "plain": "The enterprise must establish a formal AI Ethics Board or committee with defined membership, decision authority, escalation paths, and direct reporting to executive leadership, ensuring ethics oversight is institutionalized and not ad hoc.",
    "threat": {
     "tags": [
      "governance-gap",
      "accountability-vacuum",
      "ethics-drift",
      "oversight-failure"
     ],
     "desc": "Without a formal ethics governance structure, AI ethical decisions are made informally, inconsistently, or not at all. Accountability vacuums emerge as teams lack clarity on who has authority to block or modify AI systems with ethical concerns. Escalation paths are undefined, meaning serious ethical risks may never reach decision-makers with the authority to act."
    },
    "standard": [
     {
      "id": "iso_42001",
      "section": "§6.1",
      "title": "AI ethics governance and accountability structure"
     },
     {
      "id": "nist_rmf",
      "section": "GOVERN 2.1",
      "title": "Documented roles, responsibilities, and lines of communication"
     },
     {
      "id": "ieee_7000",
      "section": "§7.3",
      "title": "Ethical accountability roles and responsibilities"
     },
     {
      "id": "oecd_ai_principles",
      "section": "Principle 1.5",
      "title": "Accountability for AI systems"
     }
    ],
    "sources": [
     {
      "id": "anthropic_rsp_2024",
      "title": "Anthropic Responsible Scaling Policy v3.3",
      "authority": "Anthropic, PBC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "3.3",
      "published_on": "2026-05-26",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.anthropic.com/responsible-scaling-policy",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "anthropic_rsp",
      "relationship": "informative_reference",
      "rationale": "Establishes Anthropic Responsible Scaling Policy v3.3 requirements informing the apeiris://ethics/controls/EG-01 Ethics Governance Structure control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/EG-01 Ethics Governance Structure control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/EG-01 Ethics Governance Structure control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Establish a standing AI Ethics Board with cross-functional membership (legal, engineering, ethics, business), documented charter defining scope and authority, escalation procedures from team-level to board-level, and a mandatory reporting cadence to executive leadership.",
     "steps": [
      "Define the AI Ethics Board charter: membership criteria, quorum rules, voting or consensus mechanisms, and scope of authority over AI deployments.",
      "Establish formal escalation paths from individual contributors through product and engineering leadership to the Ethics Board and C-suite.",
      "Schedule and document regular Ethics Board meetings with structured agendas, decision logs, and executive briefing cadence (minimum quarterly).",
      "Publish the ethics governance structure internally and ensure all AI teams have access to escalation contacts and procedures."
     ],
     "ethics_officer": {
      "summary": "The Ethics Board is your primary institutional vehicle for embedding ethics into AI decisions. Charter and staffing quality determine whether it is effective or performative.",
      "actions": [
       "Draft and ratify the Ethics Board charter with clear authority over high-risk AI deployments.",
       "Recruit cross-functional board members including domain experts, affected community representatives where feasible, and technical leads.",
       "Establish a standing agenda template and decision log that creates an auditable record of ethics deliberations."
      ],
      "failure_signals": [
       "Ethics Board has not met in the last 90 days.",
       "No documented escalation path exists for AI ethics concerns from individual teams.",
       "Ethics Board decisions are not logged or are overridden without documented rationale."
      ]
     },
     "legal_counsel": {
      "summary": "The Ethics Board charter creates legal accountability anchors. Ensure its authority is documented in a way that supports regulatory defense and director liability management.",
      "actions": [
       "Review the Ethics Board charter for alignment with EU AI Act governance requirements and applicable national AI regulations.",
       "Confirm that board-level reporting creates appropriate visibility for directors who may have fiduciary duties related to AI risk."
      ],
      "failure_signals": [
       "Ethics Board authority is not documented in a legally defensible charter.",
       "No connection exists between Ethics Board decisions and enterprise risk register."
      ]
     },
     "grc_auditor": {
      "summary": "The Ethics Board structure is a primary audit artifact for demonstrating AI governance maturity. Completeness of documentation and evidence of operation are the key tests.",
      "actions": [
       "Request the Ethics Board charter, meeting minutes, and decision logs for the trailing 12 months.",
       "Verify that escalation paths are documented and that at least one escalation was exercised and recorded.",
       "Map Ethics Board reporting cadence against executive and board-level governance obligations."
      ],
      "metrics": [
       "Ethics Board meeting frequency: minimum quarterly, target monthly.",
       "Escalation path documentation coverage: 100% of AI product teams.",
       "Decision log completeness: 100% of board meetings with recorded decisions."
      ],
      "failure_signals": [
       "Meeting minutes or decision logs are absent or incomplete.",
       "Escalation paths cannot be demonstrated to have been used.",
       "Executive or board reporting has not occurred in the past two quarters."
      ]
     },
     "business_stakeholder": {
      "summary": "Ethics governance structure protects the business by ensuring ethical risks are identified before they become regulatory, reputational, or operational crises.",
      "actions": [
       "Ensure business unit leadership is represented on or has a liaison to the Ethics Board.",
       "Request quarterly ethics posture briefings that include business-relevant risk summaries."
      ],
      "failure_signals": [
       "Business units are unaware of the Ethics Board's existence or escalation path.",
       "Ethics concerns from business stakeholders have no formal intake mechanism."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Most enterprises have no formal AI Ethics Board; ad hoc ethics review is common but insufficient for high-risk AI deployment."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise"
    ],
    "implementers": [
     "Ethics Office",
     "Legal Counsel",
     "Executive Leadership",
     "GRC Team"
    ],
    "frameworks": [
     {
      "framework": "iso_42001",
      "requirement_id": "§6.1",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 §6.1 requires organizations to establish AI management system governance including roles, responsibilities, and accountability structures. A formal Ethics Board directly satisfies this requirement.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "GOVERN 2.1",
      "fit": "direct",
      "rationale": "NIST AI RMF GOVERN 2.1 requires that roles, responsibilities, and lines of communication related to mapping, measuring, and managing AI risks are documented and clear. An Ethics Board with a documented charter, defined membership, and formal escalation paths directly implements this governance subcategory.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 9",
      "fit": "direct",
      "rationale": "EU AI Act Article 9 requires high-risk AI providers to implement a risk management system with defined roles and oversight mechanisms. A formal ethics governance structure with escalation paths supports compliance with this requirement.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.5",
      "fit": "direct",
      "rationale": "OECD AI Principles Principle 1.5 on accountability requires that AI actors are accountable for proper functioning of AI systems. Establishing formal governance structures with clear decision authority implements this accountability principle.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "§7.3",
      "fit": "partial",
      "rationale": "IEEE 7000-2021 §7.3 addresses ethical accountability within system design processes, requiring that roles and responsibilities for ethical decision-making are assigned. An Ethics Board extends this requirement to organizational governance beyond the design phase.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "anthropic_rsp",
      "requirement_id": "Governance and Transparency — Responsible Scaling Officer",
      "fit": "partial",
      "rationale": "RSP v3.3 institutionalizes safety governance: a designated Responsible Scaling Officer accountable for policy implementation, defined escalation paths, and documented governance commitments at the organizational level. EG-01's Ethics Board with a charter, escalation procedures, and executive reporting builds the equivalent institutional structure for enterprise AI ethics; the RSP is an industry reference model, binding on Anthropic alone.",
      "normative_force": "best-practice",
      "source_version": "3.3",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goals A1–A5 (Accountability)",
      "fit": "direct",
      "rationale": "Microsoft Responsible AI Standard v2 Accountability goals explicitly require organizations to establish governance structures with defined roles, responsibilities, and escalation paths for responsible AI. The Ethics Governance Structure control — establishing a formal Ethics Board with a documented charter, cross-functional membership, formal escalation procedures, and mandatory executive reporting — directly implements these accountability governance requirements as an institutional mechanism.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to appropriate human oversight of AI at the organizational level. Establishing a formal AI Ethics Board with documented decision authority, escalation paths, and executive reporting creates the institutional structure through which that oversight commitment is enforced and verified.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/EG-01",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "The enterprise must have an active, formally chartered AI Ethics Board with documented cross-functional membership, defined decision authority over high-risk AI deployments, a functioning escalation path from individual teams to the board, and evidence of executive-level reporting within the past 90 days. The control passes if an Ethics Board charter exists, meeting minutes and decision logs are complete for the trailing 12 months, all high-risk AI systems have Ethics Board approval records, and at least one escalation was exercised and documented.",
    "evidence_required": [
     "AI Ethics Board charter document signed at C-suite or board authority level, specifying membership criteria, quorum rules, decision authority scope over high-risk AI deployment approvals, and meeting cadence",
     "Ethics Board meeting minutes for the trailing 12 months showing dates, attendees, agenda items, decision log entries, and executive or board-level reporting records confirming required governance cadence",
     "Escalation path documentation distributed to all AI product teams showing the path from individual contributor to Ethics Board with named contacts at each level and documented response SLAs",
     "Ethics Board decision log entries for AI deployment approvals or rejections in the trailing 12 months, confirming high-risk AI systems passed through the formal governance process",
     "Evidence of at least one ethics escalation exercised through the documented escalation path, with intake record, investigation record, Ethics Board disposition, and outcome notification to the escalating party"
    ],
    "machine_tests": [
     "Query the AI deployment approval system → assert all AI systems classified as high-risk have an Ethics Board approval record with board decision timestamp and approving members documented, with no high-risk deployments lacking board sign-off",
     "Retrieve the Ethics Board meeting calendar for the trailing 12 months → assert meetings occurred at minimum quarterly frequency with quorum confirmed in attendance records for each meeting",
     "Query the ethics escalation intake system for the trailing 12 months → assert all submitted escalations have a documented disposition record with resolution timeline within the defined SLA"
    ],
    "human_review": [
     "Review Ethics Board charter for completeness of authority definition, verifying the charter gives the board meaningful power to block or require modification of AI deployments rather than only advisory authority, and that this is reflected in actual deployment decision records",
     "Assess escalation path documentation for discoverability and clarity by interviewing a sample of AI team leads to verify they can identify the escalation contacts and process applicable to their systems",
     "Evaluate Ethics Board meeting decision logs for substantive governance evidence, confirming decisions reflect genuine deliberation with documented rationale rather than pro forma approval of pre-decided outcomes"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Establishing an AI Ethics Board with advisory-only authority that cannot block or require modification of AI deployments, creating governance cover for unethical AI decisions without the power to prevent them",
     "Populating the Ethics Board exclusively with internal employees from engineering and legal functions, excluding external experts, affected community representatives, and independent ethics advisors who would provide critical challenge",
     "Operating the Ethics Board as a rubber-stamp committee that reviews AI deployments after technical and commercial decisions are fully committed, rather than as a body with early-stage input and pre-deployment blocking authority",
     "Maintaining escalation path documentation only in internal wikis or onboarding materials without actively communicating it to all AI teams, resulting in team members being unaware of the escalation path when ethics concerns arise",
     "Logging Ethics Board meetings with attendance records and agenda items but without decision logs capturing the specific determinations and their rationale, making the audit trail insufficient for regulatory accountability review"
    ],
    "update_status": "current",
    "layer_code": "EG"
   },
   {
    "id": "EG-02",
    "layer": "EG",
    "plane": "control",
    "name": "AI Ethics Policy Framework",
    "plain": "The enterprise must maintain a comprehensive AI ethics policy framework that governs the ethical development, deployment, and monitoring of AI systems, covering principles, prohibited uses, review requirements, and accountability obligations.",
    "threat": {
     "tags": [
      "policy-gap",
      "ethics-inconsistency",
      "ungoverned-deployment",
      "compliance-drift"
     ],
     "desc": "Without a documented ethics policy framework, AI teams make independent ethical judgments that may conflict across the organization. Prohibited use cases are not formally defined, enabling deployment of AI in contexts that violate organizational values or regulatory obligations. Policy gaps become audit findings and, in regulated industries, can constitute compliance failures with direct legal exposure."
    },
    "standard": [
     {
      "id": "iso_42001",
      "section": "§5.2",
      "title": "AI ethics policy and objectives"
     },
     {
      "id": "nist_rmf",
      "section": "GOVERN 1.2",
      "title": "Organizational AI ethics policies and practices"
     },
     {
      "id": "oecd_ai_principles",
      "section": "Principle 1.3",
      "title": "Transparency and explainability policy obligations"
     },
     {
      "id": "acm_ethics",
      "section": "§1.1–1.4",
      "title": "Ethical computing obligations and institutional policies"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/EG-02 AI Ethics Policy Framework control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "anthropic_rsp_2024",
      "title": "Anthropic Responsible Scaling Policy v3.3",
      "authority": "Anthropic, PBC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "3.3",
      "published_on": "2026-05-26",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.anthropic.com/responsible-scaling-policy",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "anthropic_rsp",
      "relationship": "informative_reference",
      "rationale": "Establishes Anthropic Responsible Scaling Policy v3.3 requirements informing the apeiris://ethics/controls/EG-02 AI Ethics Policy Framework control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "openai_model_spec_2024",
      "title": "OpenAI Model Specification",
      "authority": "OpenAI, L.L.C.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2024",
      "published_on": "2024-05-08",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://cdn.openai.com/spec/model-spec-2024-05-08.html",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "openai_model_spec_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes OpenAI Model Specification requirements informing the apeiris://ethics/controls/EG-02 AI Ethics Policy Framework control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/EG-02 AI Ethics Policy Framework control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "meta_llama_responsible_use_2024",
      "title": "Meta Llama Responsible Use Guide",
      "authority": "Meta Platforms, Inc.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2023",
      "published_on": "2023-07-18",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.llama.com/responsible-use-guide/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "meta_llama_responsible_use_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes Meta Llama Responsible Use Guide requirements informing the apeiris://ethics/controls/EG-02 AI Ethics Policy Framework control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Author and maintain a tiered AI ethics policy framework: a top-level principles document, domain-specific policies (fairness, transparency, privacy, safety), and operational standards for development teams. Publish policies, enforce through AI intake review, and review annually or upon major regulatory change.",
     "steps": [
      "Draft a top-level AI Ethics Policy articulating organizational principles, values, and prohibited AI uses, approved at C-suite or board level.",
      "Develop domain-specific sub-policies covering fairness and non-discrimination, transparency and explainability, privacy, safety, and environmental impact.",
      "Integrate policy compliance into the AI development lifecycle: require policy review sign-off at design, pre-deployment, and post-deployment monitoring gates.",
      "Establish a policy versioning and review cadence (minimum annual) with mandatory ethics officer review and legal sign-off.",
      "Publish all policies in a central, discoverable location accessible to all AI teams and relevant third parties."
     ],
     "ethics_officer": {
      "summary": "The ethics policy framework is the operational expression of organizational AI values. Quality, specificity, and enforcement mechanisms determine whether policies govern behavior or merely decorate compliance documentation.",
      "actions": [
       "Author the top-level AI Ethics Policy with input from legal, engineering, business, and affected community representatives.",
       "Define a prohibited use register that is specific, exhaustive within the domain, and reviewed at least annually.",
       "Create policy attestation requirements that AI team leads must sign before new system deployments."
      ],
      "failure_signals": [
       "No top-level AI Ethics Policy exists or has not been reviewed in the past 12 months.",
       "Prohibited use register is absent, vague, or not enforced at deployment gates.",
       "AI teams cannot identify where to find or how to interpret applicable ethics policies."
      ]
     },
     "legal_counsel": {
      "summary": "The ethics policy framework must align with regulatory obligations and provide defensible evidence of good-faith compliance efforts. Policy gaps are audit findings and litigation exposure.",
      "actions": [
       "Map ethics policy provisions against EU AI Act requirements, applicable national AI laws, and sector-specific regulations.",
       "Ensure prohibited use register explicitly addresses uses prohibited by law and those that, while legal, violate organizational risk tolerance.",
       "Review policy language for enforceability and ensure violation consequences are defined."
      ],
      "failure_signals": [
       "Ethics policies have not been reviewed against the EU AI Act or equivalent applicable law.",
       "Policy language is aspirational only with no enforcement mechanism or consequence defined."
      ]
     },
     "grc_auditor": {
      "summary": "The ethics policy framework is the foundational artifact for AI governance audits. Policy completeness, currency, and evidence of enforcement are the primary audit tests.",
      "actions": [
       "Obtain the full ethics policy framework and verify version history and most recent review dates.",
       "Sample five AI systems and verify each has documented policy compliance sign-off.",
       "Test whether AI teams can identify the applicable policies for their systems."
      ],
      "metrics": [
       "Policy review currency: 100% of policies reviewed within the past 12 months.",
       "AI system policy compliance coverage: target 100% of systems with documented policy sign-off.",
       "Prohibited use register completeness: reviewed against current regulatory landscape at least annually."
      ],
      "failure_signals": [
       "Policies are stale (not reviewed in 12+ months).",
       "AI systems deployed without documented ethics policy review.",
       "Policy framework lacks domain-specific sub-policies for fairness, transparency, or privacy."
      ]
     },
     "data_scientist": {
      "summary": "Ethics policies define what you are permitted to build and how you must build it. Familiarity with applicable policies before model development begins prevents costly redesigns late in the lifecycle.",
      "actions": [
       "Review applicable ethics policies before initiating model development or fine-tuning.",
       "Flag potential policy conflicts to the ethics officer at the design stage, not post-deployment.",
       "Document how model design choices satisfy fairness and transparency policy requirements."
      ],
      "failure_signals": [
       "Model design documentation does not reference applicable ethics policies.",
       "Ethics policy conflicts are identified after deployment rather than at design stage."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "managed",
     "notes": "Many organizations have high-level AI ethics statements but lack operational sub-policies and enforcement mechanisms."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise",
     "multi-tenant"
    ],
    "implementers": [
     "Ethics Office",
     "Legal Counsel",
     "Policy Team",
     "AI Product Teams"
    ],
    "frameworks": [
     {
      "framework": "iso_42001",
      "requirement_id": "§5.2",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 §5.2 requires top management to establish an AI policy that includes ethical principles and objectives. The ethics policy framework directly fulfills this requirement with tiered policy documentation.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "GOVERN 1.2",
      "fit": "direct",
      "rationale": "NIST AI RMF GOVERN 1.2 requires that the accountability, transparency, and explainability objectives of AI systems are established in organizational policy. A comprehensive ethics policy framework operationalizes these GOVERN requirements.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 9, Art. 13",
      "fit": "direct",
      "rationale": "EU AI Act Articles 9 and 13 require high-risk AI providers to implement risk management systems and transparency measures. A formal ethics policy framework with prohibited use registers and transparency requirements directly supports these obligations.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.3",
      "fit": "direct",
      "rationale": "OECD AI Principle 1.3 on transparency requires AI actors to provide meaningful information about their AI systems consistent with responsible disclosure. Ethics policies governing transparency obligations implement this principle operationally.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-06-29",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "acm_ethics",
      "requirement_id": "§1.1–1.4",
      "fit": "partial",
      "rationale": "ACM Code of Ethics §1.1–1.4 establishes professional obligations for computing practitioners including avoiding harm, being honest, and respecting privacy. Organizational ethics policies that reflect these obligations extend them from individual to institutional scope.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-06-29",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goals A1–A5 (Accountability)",
      "fit": "partial",
      "rationale": "Microsoft Responsible AI Standard v2 Accountability Goals (A1–A5) require that AI systems are subject to appropriate human oversight and accountability mechanisms documented in policy. An ethics policy framework with enforcement mechanisms demonstrates alignment with this industry standard.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "anthropic_rsp",
      "requirement_id": "Capability Thresholds and Required Safeguards",
      "fit": "partial",
      "rationale": "The RSP v3.3 is an industry model for a formal AI policy framework: principled commitments, pre-defined Capability Thresholds functioning as bright-line constraints, and safeguard requirements that scale with risk. EG-02 ethics policy frameworks with prohibited-use registers and tiered enforcement mirror this architecture; the RSP's constraints govern Anthropic's own model development and deployment, not customer obligations.",
      "normative_force": "best-practice",
      "source_version": "3.3",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "openai_model_spec",
      "requirement_id": "Overview; The chain of command; Stay in bounds",
      "fit": "partial",
      "rationale": "The OpenAI Model Spec is itself a comprehensive published AI behavior policy: an overview stating objectives, a chain of command defining authority levels, and Stay in bounds rules enumerating restricted behavior. Enterprise AI ethics policy frameworks under EG-02 can reference this architecture — hierarchical authority plus enumerated prohibitions plus default behaviors — when structuring their own policy documents and prohibited-use registers.",
      "normative_force": "best-practice",
      "source_version": "2025-12-18",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) are themselves a published ethics policy framework: pillar-level commitments covering innovation benefit, responsible development and deployment, and collaborative progress. EG-02 enterprise ethics policy frameworks can reference this published structure — noting that the 2025 revision consolidated the earlier seven principles into three pillars — when drafting their own principle and prohibited-use documents.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "meta_llama_rai",
      "requirement_id": "Llama Acceptable Use Policy (separate document)",
      "fit": "partial",
      "rationale": "The Llama Acceptable Use Policy is a published prohibited-use register — enumerated categories covering violence, exploitation, deception, and unlawful discrimination — maintained as a distinct policy document alongside developer guidance. EG-02 ethics policy frameworks can reference its structure when constructing organizational prohibited-AI-use registers, checking completeness against known industry categories.",
      "normative_force": "best-practice",
      "source_version": "2023",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/EG-02",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "The enterprise must maintain a comprehensive, current AI ethics policy framework with a top-level policy approved at C-suite or board level, domain-specific sub-policies covering fairness, transparency, privacy, and safety, a documented prohibited use register, and evidence that all AI systems in production have completed policy compliance sign-off at each lifecycle gate. The control passes if no AI system is in production without documented ethics policy review and sign-off at design, pre-deployment, and post-deployment monitoring gates.",
    "evidence_required": [
     "Top-level AI Ethics Policy document with C-suite or board approval signature, current version number, and most recent review date within the past 12 months",
     "Domain-specific ethics sub-policy documents for fairness and non-discrimination, transparency and explainability, privacy, safety, and environmental impact, each with version history and last-reviewed date",
     "Prohibited AI use register listing explicitly prohibited use cases with sufficient specificity to enable compliance determination, approved at ethics officer and legal counsel level and reviewed within the past 12 months against current regulatory requirements",
     "AI system policy compliance sign-off records showing documented ethics policy review at design gate, pre-deployment gate, and post-deployment monitoring gate for all AI systems in production with the reviewing team lead's attestation",
     "Policy distribution records confirming all AI product teams have access to the ethics policy framework, with read confirmation or training completion records as applicable"
    ],
    "machine_tests": [
     "Query the AI deployment records system → assert 100% of AI systems in production have policy compliance sign-off records at all three gates (design, pre-deployment, post-deployment) with no gaps in the attestation chain",
     "Retrieve all ethics policy documents and check last-reviewed dates → assert 100% of policies have a review record within the past 12 months with zero policies exceeding the annual review cadence",
     "Query the prohibited use register and cross-reference against AI system deployment proposals → assert no deployed system's use case matches a prohibited use register entry without a documented exceptional approval and escalation record"
    ],
    "human_review": [
     "Review the prohibited use register for specificity and completeness, assessing whether entries are concrete enough for AI teams to make unambiguous compliance determinations and verifying coverage against EU AI Act Art. 5 prohibited AI practices",
     "Assess policy compliance sign-off records for substance by sampling five AI systems and verifying sign-off documentation reflects actual policy review with identified compliance or conflict findings, rather than pro forma attestation with no substantive content",
     "Evaluate ethics policy framework alignment with current regulatory requirements by mapping sub-policy provisions against EU AI Act Art. 9 and 13 obligations, identifying any provisions where policy language lags regulatory requirements"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Publishing a single high-level AI ethics principles statement and treating it as a complete ethics policy framework without domain-specific sub-policies, a prohibited use register, or enforcement mechanisms at deployment gates",
     "Defining prohibited use registers with aspirational or vague language such as 'AI must not be used for harmful purposes' rather than specific enumerated prohibited use cases that enable unambiguous compliance determination",
     "Requiring ethics policy sign-off only at initial project approval without sign-off gates at pre-deployment and post-deployment monitoring stages, allowing policy-compliant designs to be implemented in policy-violating ways during development",
     "Conducting annual policy reviews on fixed calendar schedules without triggering review upon major regulatory changes such as EU AI Act implementing acts or new prohibited AI use guidance from competent authorities",
     "Treating ethics policy compliance as a documentation exercise where team leads self-certify without review by the ethics officer or legal counsel, undermining the governance function the policy framework is intended to provide"
    ],
    "update_status": "current",
    "layer_code": "EG"
   },
   {
    "id": "EG-03",
    "layer": "EG",
    "plane": "control",
    "name": "Senior and Board-Level Ethics Accountability",
    "plain": "C-suite executives and the board of directors must have defined accountability for AI ethics outcomes, receive regular ethics posture briefings, and be equipped to exercise meaningful oversight over material AI ethics risks.",
    "threat": {
     "tags": [
      "accountability-gap",
      "board-blindness",
      "ethics-opacity",
      "governance-failure"
     ],
     "desc": "When AI ethics accountability is delegated entirely below the executive level, material ethical failures can persist undetected until they become regulatory, reputational, or legal crises. Board members who lack visibility into AI ethics posture cannot exercise fiduciary oversight over AI-related risks. Absence of senior accountability creates cultural signals that ethics is compliance theater rather than a strategic commitment."
    },
    "standard": [
     {
      "id": "iso_42001",
      "section": "§5.1",
      "title": "Leadership commitment and accountability for AI ethics"
     },
     {
      "id": "nist_rmf",
      "section": "GOVERN 2.1",
      "title": "Executive accountability for AI risk outcomes"
     },
     {
      "id": "eu_ai_act",
      "section": "Art. 9",
      "title": "AI risk management system — senior oversight obligations"
     },
     {
      "id": "oecd_ai_principles",
      "section": "Principle 1.5",
      "title": "Accountability of AI actors including senior leadership"
     }
    ],
    "sources": [
     {
      "id": "anthropic_rsp_2024",
      "title": "Anthropic Responsible Scaling Policy v3.3",
      "authority": "Anthropic, PBC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "3.3",
      "published_on": "2026-05-26",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.anthropic.com/responsible-scaling-policy",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "anthropic_rsp",
      "relationship": "informative_reference",
      "rationale": "Establishes Anthropic Responsible Scaling Policy v3.3 requirements informing the apeiris://ethics/controls/EG-03 Senior and Board-Level Ethics Accountability control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/EG-03 Senior and Board-Level Ethics Accountability control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/EG-03 Senior and Board-Level Ethics Accountability control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Assign a named C-suite executive as Chief AI Ethics Officer or equivalent, establish board-level AI ethics reporting (minimum semi-annual), define material ethics risk thresholds that trigger immediate executive notification, and include AI ethics KPIs in executive performance objectives.",
     "steps": [
      "Designate a named C-suite executive with explicit accountability for AI ethics outcomes, documented in role descriptions and the organization's risk governance framework.",
      "Establish a recurring board-level AI ethics briefing (minimum semi-annual) using a standardized reporting template covering ethics posture, incidents, metrics, and material risks.",
      "Define material AI ethics risk thresholds that require immediate C-suite notification, documented in the incident response and escalation procedures.",
      "Include AI ethics performance objectives in C-suite executive scorecards and annual performance reviews."
     ],
     "ethics_officer": {
      "summary": "Senior accountability is the institutional signal that ethics is a strategic priority. Your role includes ensuring executives have the information and framing needed to exercise genuine oversight, not just ceremonial reporting.",
      "actions": [
       "Design a board-level ethics posture briefing template that translates technical findings into business-relevant risk language.",
       "Establish a direct escalation channel to the designated C-suite ethics accountable executive for material incidents.",
       "Document which executive roles have accountability for which ethics domains and ensure this is published internally."
      ],
      "failure_signals": [
       "No named C-suite executive has documented AI ethics accountability.",
       "Board has not received an AI ethics briefing in the past six months.",
       "No material risk threshold exists that triggers immediate executive notification."
      ]
     },
     "legal_counsel": {
      "summary": "Board-level AI ethics accountability creates a defensible record of director oversight for regulatory inquiries and litigation. The structure of accountability should be documented to support both regulatory defense and D&O liability management.",
      "actions": [
       "Advise the board on fiduciary duties related to AI ethics oversight under applicable corporate governance and AI regulatory frameworks.",
       "Review executive accountability documentation for alignment with EU AI Act obligations and applicable national law.",
       "Ensure board briefing records are retained as potential regulatory defense artifacts."
      ],
      "failure_signals": [
       "Board has received no briefing that documents awareness of material AI ethics risks.",
       "Executive accountability documentation does not reference regulatory obligations."
      ]
     },
     "grc_auditor": {
      "summary": "Senior accountability artifacts — role assignments, board minutes, briefing records, and executive KPIs — are the primary evidence for governance maturity assessments and regulatory examinations.",
      "actions": [
       "Obtain documented role assignment for the C-suite AI ethics accountable executive and verify it is current.",
       "Request board meeting minutes or briefing records from the past 12 months and verify AI ethics was discussed.",
       "Confirm that AI ethics KPIs exist in executive performance documentation."
      ],
      "metrics": [
       "C-suite AI ethics accountability: 100% — named executive with documented role.",
       "Board ethics briefing frequency: minimum semi-annual, target quarterly.",
       "Material risk escalation coverage: 100% of defined thresholds with documented escalation procedures."
      ],
      "failure_signals": [
       "No documented C-suite AI ethics accountability assignment.",
       "Board minutes show no AI ethics discussion in the past 12 months.",
       "AI ethics is absent from any executive performance objective."
      ]
     },
     "business_stakeholder": {
      "summary": "Senior and board-level accountability signals to employees, customers, and regulators that ethics is a genuine organizational commitment. This directly affects brand trust, talent retention, and regulatory relationships.",
      "actions": [
       "Advocate for inclusion of AI ethics posture in investor and customer-facing disclosures where appropriate.",
       "Ensure business unit heads understand their accountability contribution to the C-suite ethics posture report."
      ],
      "failure_signals": [
       "Business units are unable to report on their AI ethics posture to support executive reporting.",
       "Investor or regulatory inquiries about AI ethics have no documented executive response process."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Board-level AI ethics accountability is rare; most organizations delegate entirely to working-level teams without formal executive ownership."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise"
    ],
    "implementers": [
     "Executive Leadership",
     "Board of Directors",
     "Ethics Office",
     "GRC Team"
    ],
    "frameworks": [
     {
      "framework": "iso_42001",
      "requirement_id": "§5.1",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 §5.1 requires top management to demonstrate leadership and commitment to the AI management system, including establishing accountability structures. This control directly operationalizes that leadership commitment requirement.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "GOVERN 2.1",
      "fit": "direct",
      "rationale": "NIST AI RMF GOVERN 2.1 requires that organizational leadership establishes and maintains oversight structures for AI risk, including senior leadership accountability. Board-level reporting and C-suite accountability directly implement this function.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 9",
      "fit": "direct",
      "rationale": "EU AI Act Article 9 requires that high-risk AI providers implement a risk management system with appropriate senior oversight. Designated C-suite accountability and board reporting are foundational elements of this oversight obligation.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.5",
      "fit": "direct",
      "rationale": "OECD AI Principles on accountability extend to organizational actors at all levels including senior leadership. This control implements the principle that those with the most power over AI outcomes bear the highest accountability obligations.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "un_ethics_ai",
      "requirement_id": "¶47 (Multi-stakeholder and adaptive governance)",
      "fit": "adjacent",
      "rationale": "UNESCO Recommendation ¶47 calls for multi-stakeholder and adaptive governance of AI. Senior and board-level accountability structures provide the defined institutional ownership through which an organization can participate in, and answer to, such governance expectations.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "anthropic_rsp",
      "requirement_id": "Governance and Transparency — Responsible Scaling Officer and executive accountability",
      "fit": "partial",
      "rationale": "RSP v3.3's governance provisions place accountability for responsible scaling with named senior leadership — including a designated Responsible Scaling Officer — and commit the organization at its highest level to the policy's obligations. EG-03's C-suite accountability, board reporting, and executive ethics objectives formalize the same senior-ownership principle for enterprise AI ethics.",
      "normative_force": "best-practice",
      "source_version": "3.3",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goals A1–A5 (Accountability)",
      "fit": "direct",
      "rationale": "Microsoft Responsible AI Standard v2 Accountability goals explicitly require senior leadership ownership of responsible AI outcomes, including appropriate sign-off authority at organizational levels and accountability structures that extend to governance leadership. This control's requirements — naming a C-suite executive with documented AI ethics accountability, establishing board-level ethics reporting, and including AI ethics in executive performance objectives — directly implement the organizational accountability goals of the Microsoft RAI Standard.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to human oversight and due diligence, which at institutional scale requires named senior ownership. EG-03's C-suite accountability, board-level ethics reporting, and executive performance objectives put that ownership where consequential deployment decisions are actually made.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/EG-03",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "The organization must have a named C-suite executive with documented AI ethics accountability and evidence of at least semi-annual board-level AI ethics briefings within the trailing 12 months. Executive performance objectives must include AI ethics KPIs linked to measurable program outcomes.",
    "evidence_required": [
     "executive_accountability_assignment showing named C-suite role, documented accountability scope, and date of assignment in role description or governance framework",
     "board_briefing_records from past 12 months confirming AI ethics posture, material risks, and incident status were presented, with meeting minutes or attendance logs",
     "executive_performance_objectives document showing AI ethics KPIs included in C-suite scorecards with defined targets and measurement periods",
     "material_risk_escalation_procedure document defining thresholds that trigger immediate C-suite notification with named escalation contacts and SLA"
    ],
    "machine_tests": [
     "Query governance registry for current C-suite AI ethics accountable executive record → assert record exists with named_executive, role_id, accountability_scope, effective_date, and is_current=true",
     "Query board briefing record index for trailing 12-month period → assert minimum 2 briefing records exist each with date, agenda_item='AI Ethics Posture', and attendee_list including board members",
     "Query executive performance system for AI ethics KPI records → assert at least one active KPI per C-suite executive with target, measurement_unit, and review_date within the current performance cycle"
    ],
    "human_review": [
     "Review board meeting minutes to assess whether AI ethics discussion reflects genuine substantive engagement or ceremonial compliance with no follow-up actions recorded",
     "Assess executive accountability documentation for specificity — verify the named executive has actual authority to suspend AI systems or require ethics program changes, not merely symbolic oversight",
     "Verify that AI ethics KPIs in executive performance objectives are outcome-linked rather than purely activity-based (e.g., incident reduction rate vs. number of meetings attended)"
    ],
    "blocking_effect": "requires-review",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Delegating AI ethics accountability to a VP-level or below role without C-suite ownership documented in the governance framework, creating the appearance of executive accountability without decision-making authority",
     "Scheduling board AI ethics briefings annually or less frequently, preventing the board from detecting trending ethical risks between reporting cycles",
     "Using generic ESG or sustainability KPIs in executive performance documents rather than AI-specific ethics outcome metrics linked to measurable program results",
     "Producing board briefing slide decks without supporting metrics, incident data, or material risk thresholds — creating ceremonial reporting that cannot inform executive decision-making",
     "Treating AI ethics accountability as a communications function rather than a risk governance function, with no defined authority to halt AI deployments or require corrective action"
    ],
    "update_status": "current",
    "layer_code": "EG"
   },
   {
    "id": "EG-04",
    "layer": "EG",
    "plane": "lifecycle",
    "name": "Ethics Training and Capability Building",
    "plain": "All personnel involved in AI development, deployment, and governance must complete structured ethics training covering AI ethics principles, bias and fairness methods, regulatory obligations, and escalation procedures, with training refreshed as the regulatory and technical landscape evolves.",
    "threat": {
     "tags": [
      "ethics-ignorance",
      "capability-gap",
      "ungoverned-development",
      "training-deficiency"
     ],
     "desc": "AI practitioners who lack ethics training make design decisions that inadvertently encode bias, violate privacy, or produce discriminatory outcomes without awareness of the harm. Product managers without ethics literacy approve deployments that violate organizational policy or regulatory requirements. Executives who have not received ethics briefings cannot provide meaningful oversight. Training gaps are a root cause of preventable ethics incidents."
    },
    "standard": [
     {
      "id": "iso_42001",
      "section": "§7.2",
      "title": "AI ethics competence requirements and training"
     },
     {
      "id": "nist_rmf",
      "section": "GOVERN 2.2",
      "title": "AI risk management training for personnel"
     },
     {
      "id": "ieee_7000",
      "section": "Clause 8",
      "title": "Values elicitation competency for AI system designers"
     },
     {
      "id": "acm_ethics",
      "section": "§2.7",
      "title": "Foster public understanding of computing including ethics"
     }
    ],
    "sources": [
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/EG-04 Ethics Training and Capability Building control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/EG-04 Ethics Training and Capability Building control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "ibm_ai_fairness_360_2021",
      "title": "IBM AI Fairness 360 (AIF360)",
      "authority": "IBM Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2018",
      "published_on": "2018-09-19",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://github.com/Trusted-AI/AIF360",
      "license": "open-source-apache2",
      "status": "current",
      "flagship": false,
      "source_id": "ibm_ai_fairness_360_2021",
      "relationship": "informative_reference",
      "rationale": "Establishes IBM AI Fairness 360 (AIF360) requirements informing the apeiris://ethics/controls/EG-04 Ethics Training and Capability Building control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Implement role-differentiated AI ethics training programs: foundational training for all staff, technical ethics training for AI practitioners and data scientists, regulatory training for legal and compliance, and governance training for executives and board members. Require completion before AI system access and refresh annually.",
     "steps": [
      "Design role-specific training curricula: foundational AI ethics for all staff; technical training (bias detection, fairness metrics, privacy-preserving ML) for data scientists and engineers; regulatory training for legal, compliance, and product; and governance training for executives.",
      "Integrate ethics training completion as a prerequisite for AI system access, participation in AI development projects, and product manager sign-off authority.",
      "Establish a training refresh cadence: annual for all roles, triggered refresh when significant regulatory changes occur (e.g., EU AI Act implementation deadlines).",
      "Track training completion rates by role and report to the Ethics Board quarterly; use gaps to prioritize remediation."
     ],
     "ethics_officer": {
      "summary": "Training quality determines whether ethics principles translate into practitioner behavior. Generic compliance training is insufficient; role-specific, scenario-based training is required for genuine capability building.",
      "actions": [
       "Design or procure training curricula that include case studies, scenario exercises, and role-specific ethical decision-making frameworks.",
       "Partner with data science leadership to ensure technical ethics training covers current methods: fairness metrics, bias auditing, model cards, and data provenance.",
       "Establish a feedback mechanism for training participants to identify gaps and update curricula."
      ],
      "failure_signals": [
       "AI practitioners cannot describe applicable fairness metrics or bias detection methods.",
       "Training completion rate for AI teams falls below 90%.",
       "No training refresh has occurred following major regulatory changes."
      ]
     },
     "data_scientist": {
      "summary": "Technical ethics training gives you the methods to operationalize ethical principles in your work. Fairness metrics, bias detection, and privacy-preserving techniques are engineering disciplines, not just policy statements.",
      "actions": [
       "Complete technical ethics training covering applicable fairness metrics (demographic parity, equalized odds, calibration) and when each is appropriate.",
       "Apply bias auditing techniques at dataset curation and model evaluation stages, not only post-deployment.",
       "Document ethics training completion in model development records."
      ],
      "failure_signals": [
       "Model development documentation does not reference ethics training or fairness evaluation methods.",
       "Bias auditing is not performed until post-deployment user complaints are received."
      ]
     },
     "grc_auditor": {
      "summary": "Training completion records are auditable evidence that the organization has taken reasonable steps to build ethics capability. Gaps in training coverage are a direct governance finding.",
      "actions": [
       "Request training completion records disaggregated by role (AI practitioners, product managers, executives, board) for the trailing 12 months.",
       "Verify that training is role-differentiated and not a single generic module for all staff.",
       "Confirm that training prerequisites exist for AI system access and product sign-off authority."
      ],
      "metrics": [
       "Training completion rate by role: target 95% for AI practitioners, 100% for executives within 30 days of onboarding.",
       "Training refresh currency: 100% of staff with training completed within the past 12 months.",
       "Training-to-deployment gating: 100% of AI system approvers have current training completion records."
      ],
      "failure_signals": [
       "Training completion below 90% for any AI-facing role.",
       "No role-differentiated training exists; single generic module used for all staff.",
       "AI system deployed with approver who has no recorded ethics training completion."
      ]
     },
     "business_stakeholder": {
      "summary": "Ethics training ensures that business teams understand what they are committing to when they sign off on AI product requirements. Uninformed approvals are a source of downstream liability.",
      "actions": [
       "Ensure product and business unit leads complete the regulatory and governance ethics training track.",
       "Include ethics training completion as a requirement for business sign-off authority on AI product specifications."
      ],
      "failure_signals": [
       "Business approvers for AI products have not completed ethics training.",
       "Business team members cannot describe the organization's prohibited AI use cases."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Most organizations provide minimal or generic AI ethics awareness training; role-differentiated technical and governance training is rare."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "cloud-native"
    ],
    "implementers": [
     "Ethics Office",
     "Learning and Development",
     "AI Product Teams",
     "GRC Team"
    ],
    "frameworks": [
     {
      "framework": "iso_42001",
      "requirement_id": "§7.2",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 §7.2 requires organizations to determine necessary competence for AI management system roles and ensure persons are competent. This control directly implements role-specific competence requirements through structured training programs.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "GOVERN 2.2",
      "fit": "direct",
      "rationale": "NIST AI RMF GOVERN 2.2 requires that the organization's personnel and partners receive AI risk management training to enable them to fulfill their duties and responsibilities. This control implements that training requirement with role-differentiated ethics curricula.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 4",
      "fit": "direct",
      "rationale": "EU AI Act Article 4 explicitly requires providers and deployers of AI systems to ensure AI literacy for their staff. Role-differentiated ethics training programs are the primary mechanism for meeting this requirement.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "Clause 8 (Ethical values elicitation and prioritization)",
      "fit": "adjacent",
      "rationale": "IEEE 7000-2021 clause 8's values elicitation and prioritization process presupposes practitioners competent in ethical analysis and value-based engineering. Technical ethics training builds exactly that competency, enabling design teams to execute the standard's processes credibly.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
      "fit": "adjacent",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to due diligence in AI development, which presupposes teams equipped with the knowledge and methods to identify and mitigate ethical risks. EG-04's role-differentiated ethics training builds that competency across engineering, product, legal, and governance roles.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goal A1 (Impact assessment)",
      "fit": "partial",
      "rationale": "Microsoft Responsible AI Standard v2 Impact Assessment requirements presuppose that AI teams have the competency to evaluate fairness, transparency, accountability, and safety dimensions of their systems — competency achievable only through structured role-specific training. The standard's requirements for impact assessment responsibilities across engineering, product, and legal roles directly create the training needs that this Ethics Training and Capability Building control addresses through its role-differentiated curriculum.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "ibm_ai_fairness",
      "requirement_id": "Fairness metrics and mitigation algorithms (training curriculum)",
      "fit": "partial",
      "rationale": "AIF360's documented metrics and mitigation algorithms — demographic parity, equalized odds, reweighing, adversarial debiasing — form a concrete technical curriculum for EG-04 ethics training aimed at data scientists and ML engineers. Practitioners trained on the toolkit can apply it directly in model evaluation workflows.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/EG-04",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "All personnel with AI development, deployment, or governance responsibilities must have completed role-appropriate ethics training within the past 12 months, with training prerequisites enforced as a gate for AI system access and product sign-off authority. Training curricula must be role-differentiated across at least four tracks covering practitioners, product managers, legal/compliance, and executives.",
    "evidence_required": [
     "training_completion_records disaggregated by role (AI practitioner, product manager, legal/compliance, executive) showing completion date, curriculum version, and assessment score for each individual within the trailing 12 months",
     "role_differentiated_curriculum_documentation showing distinct training tracks for each AI-facing role with topic coverage including fairness metrics, bias detection, regulatory obligations, and escalation procedures",
     "system_access_prerequisite_log confirming ethics training completion status was verified before granting AI development environment access or product approval authority",
     "training_refresh_trigger_record documenting evaluation of training currency following major regulatory changes with decision rationale and revised curriculum effective date where applicable"
    ],
    "machine_tests": [
     "Query training completion database for all personnel in AI-facing roles → assert completion_rate >= 0.95 for AI practitioners and compliance_date within past 365 days for each record",
     "Query AI system access grant log for trailing 12 months → assert zero access grants where training_completion_verified=false at grant_time",
     "Query training curriculum registry → assert minimum 4 role-differentiated tracks exist each with distinct topic_list, assessment_method, and last_reviewed_date within past 24 months"
    ],
    "human_review": [
     "Review a sample of three role-specific training assessments to evaluate whether they test applied ethics decision-making or merely recall of policy text — scenario-based assessment indicates genuine capability building",
     "Interview 2-3 AI practitioners to assess ability to name and apply applicable fairness metrics for their current model, verifying training translated to working knowledge rather than checkbox completion",
     "Assess training refresh cadence decision-making records: verify the organization evaluated training currency when major regulatory milestones occurred and documented rationale for any decision to defer refresh"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Using a single generic AI awareness module for all staff regardless of role, providing executives and data scientists the same content without technical depth or governance specificity",
     "Treating training completion as a one-time onboarding step rather than an annual requirement, allowing practitioners to remain current with years-old curricula while regulatory and technical landscapes evolve",
     "Granting AI system access and product approval authority before verifying training completion, removing the training prerequisite gate that ensures decision-makers have baseline competency",
     "Measuring training compliance by enrollment rate rather than completion rate with assessment pass threshold, inflating apparent compliance while allowing practitioners to skip assessment"
    ],
    "update_status": "current",
    "layer_code": "EG"
   },
   {
    "id": "EG-05",
    "layer": "EG",
    "plane": "control",
    "name": "Third-Party AI Provider Ethics Accountability",
    "plain": "The enterprise must establish contractual obligations, due diligence procedures, and audit mechanisms to ensure that third-party AI providers — including model vendors, API providers, and AI component suppliers — meet organizational and regulatory ethics standards.",
    "threat": {
     "tags": [
      "third-party-ethics-gap",
      "vendor-liability",
      "supply-chain-ethics",
      "accountability-gap"
     ],
     "desc": "AI systems increasingly rely on third-party models and components whose ethical properties are opaque. Biased training data, undisclosed capability limitations, and absent safety evaluations in third-party systems become the deployer's liability when those systems produce harmful outcomes. Without contractual ethics requirements and audit rights, organizations cannot demonstrate due diligence to regulators and lack leverage to drive vendor improvement."
    },
    "standard": [
     {
      "id": "iso_42001",
      "section": "§8.4",
      "title": "Externally provided AI systems and supplier ethics obligations"
     },
     {
      "id": "nist_rmf",
      "section": "GOVERN 6.1",
      "title": "Third-party AI risk and accountability policies"
     },
     {
      "id": "eu_ai_act",
      "section": "Art. 26",
      "title": "Obligations of deployers of high-risk AI systems"
     },
     {
      "id": "oecd_ai_principles",
      "section": "Principle 1.5",
      "title": "Accountability across the AI value chain"
     }
    ],
    "sources": [
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/EG-05 Third-Party AI Provider Ethics Accountability control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "anthropic_rsp_2024",
      "title": "Anthropic Responsible Scaling Policy v3.3",
      "authority": "Anthropic, PBC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "3.3",
      "published_on": "2026-05-26",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.anthropic.com/responsible-scaling-policy",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "anthropic_rsp",
      "relationship": "informative_reference",
      "rationale": "Establishes Anthropic Responsible Scaling Policy v3.3 requirements informing the apeiris://ethics/controls/EG-05 Third-Party AI Provider Ethics Accountability control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "openai_model_spec_2024",
      "title": "OpenAI Model Specification",
      "authority": "OpenAI, L.L.C.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2024",
      "published_on": "2024-05-08",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://cdn.openai.com/spec/model-spec-2024-05-08.html",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "openai_model_spec_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes OpenAI Model Specification requirements informing the apeiris://ethics/controls/EG-05 Third-Party AI Provider Ethics Accountability control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/EG-05 Third-Party AI Provider Ethics Accountability control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "ibm_ai_fairness_360_2021",
      "title": "IBM AI Fairness 360 (AIF360)",
      "authority": "IBM Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2018",
      "published_on": "2018-09-19",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://github.com/Trusted-AI/AIF360",
      "license": "open-source-apache2",
      "status": "current",
      "flagship": false,
      "source_id": "ibm_ai_fairness_360_2021",
      "relationship": "informative_reference",
      "rationale": "Establishes IBM AI Fairness 360 (AIF360) requirements informing the apeiris://ethics/controls/EG-05 Third-Party AI Provider Ethics Accountability control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "meta_llama_responsible_use_2024",
      "title": "Meta Llama Responsible Use Guide",
      "authority": "Meta Platforms, Inc.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2023",
      "published_on": "2023-07-18",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.llama.com/responsible-use-guide/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "meta_llama_responsible_use_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes Meta Llama Responsible Use Guide requirements informing the apeiris://ethics/controls/EG-05 Third-Party AI Provider Ethics Accountability control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Implement a third-party AI ethics lifecycle: pre-procurement ethics due diligence with a standardized questionnaire, contractual ethics requirements (transparency, bias documentation, audit rights, incident notification), ongoing monitoring, and periodic ethics audits of material vendors.",
     "steps": [
      "Develop a third-party AI ethics due diligence questionnaire covering training data provenance, bias evaluation results, safety testing, incident history, and ethics governance maturity.",
      "Require contractual ethics commitments from all AI providers: prohibition on prohibited use cases, bias documentation (model cards or equivalent), security incident notification within 24 hours, and audit rights for material systems.",
      "Maintain a third-party AI provider registry with ethics due diligence status, contractual commitments, and last audit date.",
      "Conduct annual ethics audits of material AI providers, with right to terminate contracts for ethics failures that cannot be remediated within agreed timelines."
     ],
     "ethics_officer": {
      "summary": "Third-party ethics accountability is a supply chain problem. Your organization inherits the ethical properties of every AI system you deploy, regardless of who built it. Contractual requirements and audit rights are your primary levers.",
      "actions": [
       "Design the third-party ethics due diligence questionnaire covering training data, bias evaluation, safety testing, and governance maturity.",
       "Establish minimum acceptable ethics standards for new AI vendor procurement, documented as pass/fail criteria in the procurement policy.",
       "Create a monitoring process for material AI providers that tracks published incidents, regulatory findings, and policy changes."
      ],
      "failure_signals": [
       "No third-party AI ethics due diligence process exists.",
       "AI provider contracts lack audit rights or ethics-related termination clauses.",
       "Material AI providers have not been ethics-reviewed in the past 12 months."
      ]
     },
     "legal_counsel": {
      "summary": "Third-party AI ethics obligations create deployer liability exposure under the EU AI Act and emerging national frameworks. Contract terms must explicitly address ethics requirements, audit rights, and consequence of non-compliance.",
      "actions": [
       "Draft standard AI provider contract clauses covering ethics obligations, bias documentation requirements, incident notification, and audit rights.",
       "Assess deployer obligations under EU AI Act Art. 26 for each category of third-party AI system in use.",
       "Establish contract review triggers for ethics-related regulatory developments affecting existing vendor relationships."
      ],
      "failure_signals": [
       "AI provider contracts have no ethics obligations, audit rights, or ethics-related termination clauses.",
       "Deployer obligations under EU AI Act Art. 26 have not been assessed for material third-party AI systems."
      ]
     },
     "grc_auditor": {
      "summary": "Third-party AI ethics accountability requires a registry, documented due diligence, contractual commitments, and audit evidence. Each element is independently auditable.",
      "actions": [
       "Request the third-party AI provider registry and verify it includes all material AI systems in production.",
       "Sample three material providers and verify current ethics due diligence documentation, contractual ethics commitments, and most recent audit.",
       "Confirm that new AI provider procurement includes ethics due diligence as a mandatory gate."
      ],
      "metrics": [
       "Third-party AI provider registry completeness: 100% of material AI systems registered.",
       "Ethics due diligence currency: 100% of material providers reviewed within the past 12 months.",
       "Contract ethics coverage: 100% of material providers with documented ethics obligations and audit rights."
      ],
      "failure_signals": [
       "Material AI providers are not registered or have no documented due diligence.",
       "Contracts lack ethics clauses, audit rights, or incident notification requirements.",
       "No annual ethics review has been conducted for any material provider."
      ]
     },
     "business_stakeholder": {
      "summary": "Third-party AI ethics failures become your business's reputational and regulatory problem when deployed in customer-facing or high-stakes contexts. Procurement gates protect the business from inheriting vendor ethics liabilities.",
      "actions": [
       "Include ethics due diligence completion as a mandatory step in the AI vendor procurement approval workflow.",
       "Ensure business units using third-party AI systems can identify the provider, applicable ethics commitments, and escalation contact for ethics concerns."
      ],
      "failure_signals": [
       "Business units deploying third-party AI cannot identify the ethics due diligence status of the systems they use.",
       "Procurement approvals for AI systems bypass ethics review gates."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Third-party AI ethics accountability is nascent; most procurement processes have no ethics-specific requirements beyond general vendor risk assessments."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise",
     "multi-tenant"
    ],
    "implementers": [
     "Ethics Office",
     "Legal Counsel",
     "Procurement",
     "GRC Team"
    ],
    "frameworks": [
     {
      "framework": "iso_42001",
      "requirement_id": "§8.4",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 §8.4 requires organizations to ensure that externally provided AI systems conform to the AI management system requirements. This control implements supplier ethics accountability mechanisms that satisfy this requirement.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "GOVERN 6.1",
      "fit": "direct",
      "rationale": "NIST AI RMF GOVERN 6.1 requires policies and procedures for assessing and managing risks from third-party AI systems and components. This control implements the due diligence and contractual accountability mechanisms GOVERN 6.1 requires.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 26",
      "fit": "direct",
      "rationale": "EU AI Act Article 26 establishes the obligations of deployers of high-risk AI systems — using systems in accordance with provider instructions, assigning oversight, and ensuring required documentation — while Article 25 allocates responsibilities along the AI value chain. This control implements the deployer-side due diligence and contractual accountability those provisions require when AI systems are procured from third-party providers.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.5",
      "fit": "direct",
      "rationale": "OECD AI Principles on accountability explicitly address accountability across the AI value chain, including for organizations that deploy AI systems built by others. Third-party ethics accountability mechanisms operationalize this value chain accountability principle.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goal A2 (requirement A2.2 — Sensitive Uses review)",
      "fit": "partial",
      "rationale": "Microsoft Responsible AI Standard v2 Goal A2 (requirement A2.2 — Sensitive Uses review) includes review requirements that extend to third-party AI system evaluation. This industry framework validates the approach of requiring ethics review as part of third-party AI procurement.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "anthropic_rsp",
      "requirement_id": "Governance and Transparency — public safety framework disclosure",
      "fit": "partial",
      "rationale": "Anthropic publishes its RSP as a public safety framework describing Capability Thresholds, Required Safeguards, and governance structure — exactly the class of provider safety documentation that EG-05 due diligence should request from AI vendors. Due-diligence questionnaires can use the RSP's structure (thresholds, safeguards, governance, disclosure) as a benchmark for what a responsible AI provider policy should contain.",
      "normative_force": "best-practice",
      "source_version": "3.3",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "openai_model_spec",
      "requirement_id": "Overview (published model behavior specification)",
      "fit": "partial",
      "rationale": "The Model Spec is a canonical example of the behavior and safety documentation an AI provider should publish for its deployers. EG-05 due-diligence questionnaires can treat a Model Spec equivalent — stated behavioral principles, restricted behaviors, and an instruction-authority hierarchy — as an expected documentation category when evaluating whether an AI vendor has adequately characterized the ethical behavior of its systems.",
      "normative_force": "best-practice",
      "source_version": "2025-12-18",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) provide a structured, published baseline for evaluating AI providers' stated ethics commitments during procurement. EG-05 third-party due diligence can assess whether vendors have publicly committed to and operationalized commitments equivalent to the current three pillars — responsible development and deployment in particular.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "ibm_ai_fairness",
      "requirement_id": "Fairness metrics (vendor due-diligence benchmark)",
      "fit": "partial",
      "rationale": "EG-05 due-diligence questionnaires can ask whether AI vendors have evaluated their models with validated open-source fairness tooling such as AIF360 — demographic parity and equalized odds assessments with disclosed results. The toolkit provides an objective technical benchmark for judging vendor bias-governance claims.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "meta_llama_rai",
      "requirement_id": "Responsible Use Guide (provider guidance); Llama Acceptable Use Policy (separate document)",
      "fit": "direct",
      "rationale": "Meta's Responsible Use Guide and the separate Llama Acceptable Use Policy are concrete examples of the provider ethics documentation EG-05 due diligence should collect: development-stage safety guidance, evaluation and red-teaming practices, and enumerated prohibited uses. The EG-05 questionnaire's documentation categories map directly onto what Meta publishes for Llama.",
      "normative_force": "best-practice",
      "source_version": "2023",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/EG-05",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "All material third-party AI providers must have documented ethics due diligence on file reviewed within the past 12 months, with contractual ethics obligations including audit rights, bias documentation requirements, and incident notification clauses. A maintained registry must enumerate all material AI systems with due diligence status and last audit date.",
    "evidence_required": [
     "third_party_ai_provider_registry listing all material AI systems in production with provider_name, system_id, ethics_due_diligence_date, contractual_ethics_obligations_status, and last_audit_date",
     "completed_ethics_due_diligence_questionnaires for each material provider covering training data provenance, bias evaluation results, safety testing outcomes, incident history, and ethics governance maturity score",
     "vendor_contract_ethics_clauses or amendment documentation showing audit rights, bias documentation requirements (model card or equivalent), incident notification SLA, and ethics-related termination trigger",
     "annual_ethics_audit_report or equivalent review for each material provider with findings, remediation actions, and close-out evidence"
    ],
    "machine_tests": [
     "Query third-party AI provider registry → assert every material AI system has a registry entry with ethics_due_diligence_date within the past 365 days and contractual_obligations_status='documented'",
     "Query contract repository for all AI vendor contracts → assert contract_ethics_audit_rights=true AND incident_notification_sla_hours <= 24 AND ethics_termination_clause=true for each material provider",
     "Cross-reference registry against active AI systems in production inventory → assert zero production AI systems with provider_id absent from the ethics registry or with overdue_due_diligence=true"
    ],
    "human_review": [
     "Review due diligence questionnaire responses from two material providers and assess whether vendor claims about bias evaluation and safety testing are supported by referenced methodology, third-party audit reports, or model cards — not unsubstantiated self-attestation",
     "Assess contract ethics clauses for enforceability: verify audit rights specify scope and notice period, incident notification obligations identify triggering event categories, and ethics-related termination triggers use objective criteria",
     "Verify that the organization has exercised at least one audit right or formal ethics review with a material provider in the past 12 months, confirming the process is operational rather than solely documented"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Approving new AI vendor procurement without completing ethics due diligence, bypassing the questionnaire process when time pressure or relationship factors create pressure to skip the ethics review gate",
     "Including ethics clauses in contracts using vague language ('provider will use reasonable efforts to minimize bias') rather than specific obligations with defined deliverables, timelines, and consequences for non-compliance",
     "Maintaining a third-party AI registry that lists providers but lacks due diligence dates, last audit records, or contractual obligation status — creating the appearance of oversight without actionable evidence",
     "Accepting vendor-provided model cards or safety summaries as the sole due diligence artifact without assessing methodology, coverage gaps, or independent verification",
     "Treating ethics due diligence as a procurement gate only, with no ongoing monitoring process for material providers whose ethics posture may change post-contract"
    ],
    "update_status": "current",
    "layer_code": "EG"
   },
   {
    "id": "EG-06",
    "layer": "EG",
    "plane": "control",
    "name": "Ethics Incident Response",
    "plain": "The enterprise must maintain documented procedures for identifying, escalating, investigating, and responding to ethical failures in AI systems, including harm identification, affected party notification, root cause analysis, and corrective action tracking.",
    "threat": {
     "tags": [
      "ethics-incident-undetected",
      "escalation-failure",
      "response-gap",
      "remediation-failure"
     ],
     "desc": "AI systems can produce ethically harmful outcomes — discriminatory decisions, privacy violations, manipulative outputs — that persist for extended periods when no incident response mechanism exists. Undetected incidents compound harm and increase regulatory liability. Inadequate escalation procedures mean ethical failures that reach working-level teams may never be acted upon at the level of authority required to suspend or modify the system. Absence of root cause analysis allows incidents to recur."
    },
    "standard": [
     {
      "id": "iso_42001",
      "section": "§10.1",
      "title": "Nonconformity and corrective action for AI ethics"
     },
     {
      "id": "nist_rmf",
      "section": "MANAGE 4.3",
      "title": "AI incident response, communication, and documentation"
     },
     {
      "id": "eu_ai_act",
      "section": "Art. 73",
      "title": "Reporting of serious incidents to authorities"
     },
     {
      "id": "ieee_7000",
      "section": "Clause 9",
      "title": "Ethical requirements as incident detection criteria"
     }
    ],
    "sources": [
     {
      "id": "anthropic_rsp_2024",
      "title": "Anthropic Responsible Scaling Policy v3.3",
      "authority": "Anthropic, PBC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "3.3",
      "published_on": "2026-05-26",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.anthropic.com/responsible-scaling-policy",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "anthropic_rsp",
      "relationship": "informative_reference",
      "rationale": "Establishes Anthropic Responsible Scaling Policy v3.3 requirements informing the apeiris://ethics/controls/EG-06 Ethics Incident Response control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "openai_model_spec_2024",
      "title": "OpenAI Model Specification",
      "authority": "OpenAI, L.L.C.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2024",
      "published_on": "2024-05-08",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://cdn.openai.com/spec/model-spec-2024-05-08.html",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "openai_model_spec_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes OpenAI Model Specification requirements informing the apeiris://ethics/controls/EG-06 Ethics Incident Response control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/EG-06 Ethics Incident Response control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/EG-06 Ethics Incident Response control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "meta_llama_responsible_use_2024",
      "title": "Meta Llama Responsible Use Guide",
      "authority": "Meta Platforms, Inc.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2023",
      "published_on": "2023-07-18",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.llama.com/responsible-use-guide/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "meta_llama_responsible_use_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes Meta Llama Responsible Use Guide requirements informing the apeiris://ethics/controls/EG-06 Ethics Incident Response control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Establish an AI ethics incident response procedure covering detection triggers, severity classification, escalation paths, investigation protocol, affected party notification, remediation tracking, and post-incident review. Integrate with existing security incident response and product incident processes.",
     "steps": [
      "Define AI ethics incident categories and severity levels: Level 1 (potential harm, investigation required), Level 2 (confirmed harm, system modification required), Level 3 (severe harm, immediate suspension and regulatory notification required).",
      "Document detection mechanisms: user feedback channels, automated monitoring alerts, third-party audit findings, and regulatory inquiries as incident intake sources.",
      "Establish escalation procedures: Level 1 to Ethics Officer within 24 hours, Level 2 to C-suite within 4 hours, Level 3 to C-suite and legal within 1 hour with regulatory notification assessment.",
      "Define investigation protocol: incident chronicling, affected population identification, root cause analysis, and corrective action plan with defined owner and deadline.",
      "Conduct post-incident reviews for all Level 2+ incidents and feed findings into ethics policy and training updates."
     ],
     "ethics_officer": {
      "summary": "Ethics incident response converts reactive harm recognition into systematic learning. The quality of your investigation protocol and post-incident review process determines whether the organization gets better or merely responds.",
      "actions": [
       "Design the ethics incident severity classification framework and ensure it is calibrated against regulatory notification thresholds (EU AI Act Art. 73).",
       "Establish affected party notification procedures, including when and how to notify individuals harmed by AI system failures.",
       "Create a post-incident review template that feeds findings back into policy, training, and system design improvements."
      ],
      "failure_signals": [
       "No documented AI ethics incident response procedure exists.",
       "Ethics incidents are being tracked informally without severity classification or escalation records.",
       "No post-incident review has been conducted for any confirmed ethics incident in the past 12 months."
      ]
     },
     "legal_counsel": {
      "summary": "Ethics incident response procedures determine regulatory notification timeliness and litigation exposure. Procedures must be calibrated against legal notification obligations and privilege protection requirements.",
      "actions": [
       "Map ethics incident severity levels to regulatory notification obligations under EU AI Act Art. 73 and applicable national laws.",
       "Advise on privilege protections for investigation documentation and when external legal counsel should be engaged.",
       "Review affected party notification procedures for alignment with applicable privacy and consumer protection obligations."
      ],
      "failure_signals": [
       "Incident response procedures do not address regulatory notification obligations or timelines.",
       "Investigation documentation practices create inadvertent privilege waiver risks."
      ]
     },
     "grc_auditor": {
      "summary": "Ethics incident response capability is tested by examining procedures, incident logs, escalation records, and post-incident review completeness. The absence of recorded incidents is not evidence of effectiveness — it may evidence detection failure.",
      "actions": [
       "Obtain the AI ethics incident response procedure and verify it includes severity classification, escalation paths, investigation protocol, and post-incident review requirements.",
       "Request incident logs from the trailing 12 months and verify classification, escalation, and closure documentation for each incident.",
       "Verify that post-incident reviews exist for all Level 2+ incidents and that findings are traceable to policy or system changes."
      ],
      "metrics": [
       "Incident response procedure coverage: 100% — procedure documented and current.",
       "Incident escalation compliance: 100% of Level 2+ incidents escalated within defined SLA.",
       "Post-incident review completion: 100% of Level 2+ incidents with documented post-incident review."
      ],
      "failure_signals": [
       "No AI ethics incident log exists or incidents are undocumented.",
       "Level 2+ incidents lack escalation records within defined SLA.",
       "Post-incident reviews absent for confirmed ethics incidents."
      ]
     },
     "data_scientist": {
      "summary": "Ethics incidents often originate in model behavior that practitioners can detect before users experience harm. Knowing how to recognize and report ethics incidents is a core professional responsibility.",
      "actions": [
       "Learn the organization's ethics incident intake procedure and the threshold for reporting potential ethics concerns.",
       "Document anomalous model outputs that may indicate ethical failures and report through the formal intake channel.",
       "Participate in post-incident reviews as a subject matter expert on model behavior causation."
      ],
      "failure_signals": [
       "Data scientists are unaware of the ethics incident intake procedure or reporting threshold.",
       "Anomalous model outputs are addressed as technical bugs without evaluation for ethical harm."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Most organizations lack formal AI ethics incident response procedures; ethics failures are typically escalated ad hoc or handled as PR and legal issues rather than systematic incidents."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise"
    ],
    "implementers": [
     "Ethics Office",
     "Legal Counsel",
     "AI Product Teams",
     "Security Operations"
    ],
    "frameworks": [
     {
      "framework": "iso_42001",
      "requirement_id": "§10.1",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 §10.1 requires organizations to react to nonconformities in the AI management system, take corrective action, and review the effectiveness of actions taken. Ethics incident response procedures directly implement this nonconformity and corrective action requirement.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "MANAGE 4.3",
      "fit": "direct",
      "rationale": "NIST AI RMF MANAGE 4.3 requires that incidents and errors are communicated to relevant AI actors and that processes for tracking, responding to, and recovering from them are followed and documented. This control implements the incident identification, escalation, and remediation elements of that requirement for ethics incidents.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 73",
      "fit": "direct",
      "rationale": "EU AI Act Article 73 requires providers of high-risk AI systems to report serious incidents to market surveillance authorities without undue delay. This control's severity classification and escalation procedures directly implement the regulatory notification requirements of Art. 73.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "Clause 9 (Ethical requirements definition)",
      "fit": "adjacent",
      "rationale": "IEEE 7000-2021 clause 9's ethical requirements provide the defined criteria whose violation in operation constitutes an ethical failure. Ethics incident response procedures operationalize detection of and response to such violations at the organizational process level.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "acm_ethics",
      "requirement_id": "§1.2",
      "fit": "adjacent",
      "rationale": "ACM Code of Ethics §1.2 requires computing professionals to avoid harm and take immediate action when harm is identified. Organizational ethics incident response procedures institutionalize this professional obligation at the enterprise level.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-06-29",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "anthropic_rsp",
      "requirement_id": "Capability Thresholds (threshold-triggered evaluation and response)",
      "fit": "partial",
      "rationale": "Under RSP v3.3, approaching or crossing a Capability Threshold triggers mandatory assessment and pre-committed responses, up to restricting deployment until Required Safeguards are in place. EG-06 ethics incident response can reference this threshold-triggered response model when calibrating severity tiers and escalation triggers — defined indicators mechanically producing defined response obligations.",
      "normative_force": "best-practice",
      "source_version": "3.3",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "openai_model_spec",
      "requirement_id": "Stay in bounds — Try to prevent imminent real-world harm",
      "fit": "partial",
      "rationale": "The Model Spec's Stay in bounds section enumerates categories of behavior OpenAI's models must refuse — from facilitating imminent real-world harm to restricted content classes. When a deployed system produces outputs in these categories, that is an ethics incident under EG-06's classification framework, so the spec's restricted-behavior categories provide a published taxonomy for calibrating incident classification and escalation triggers for systems built on OpenAI models.",
      "normative_force": "best-practice",
      "source_version": "2025-12-18",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goals RS1–RS3 (Reliability & Safety)",
      "fit": "partial",
      "rationale": "Microsoft Responsible AI Standard v2 Reliability & Safety requirements include monitoring for responsible AI failures, corrective action obligations, and sensitive use review escalation mechanisms. These requirements provide an industry model for ethics incident classification and response — specifically the escalation path from detection through sensitive use review to corrective action — that enterprise Ethics Incident Response procedures can reference when defining their own severity tiers and response workflows.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — rigorous design, testing, monitoring, and safeguards",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to monitoring and safeguards for deployed AI, which require systematic mechanisms for detecting and responding to failures. EG-06 implements those mechanisms as formal incident intake, severity-tiered escalation to decision-makers with authority to act, and post-incident review feeding design improvements.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "meta_llama_rai",
      "requirement_id": "Build transparency and reporting mechanisms",
      "fit": "partial",
      "rationale": "The Responsible Use Guide recommends building reporting mechanisms into LLM products so harmful outputs and misuse can be surfaced, and the Acceptable Use Policy defines prohibited-use categories that constitute reportable violations. EG-06 incident classification for LLM-based systems can use those categories as a severity-calibration taxonomy, with the guide's reporting mechanisms feeding incident intake.",
      "normative_force": "best-practice",
      "source_version": "2023",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/EG-06",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "The organization must have a documented AI ethics incident response procedure covering severity classification (minimum three levels), escalation timelines with named roles, investigation protocol, affected party notification procedures, and post-incident review requirements. All Level 2+ incidents must have complete escalation and investigation records within defined SLA, and post-incident reviews must be traceable to policy or system changes.",
    "evidence_required": [
     "ai_ethics_incident_response_procedure document with version date, severity classification framework (minimum three levels), named escalation roles with SLA timelines, investigation protocol, affected party notification criteria, and post-incident review requirements",
     "ethics_incident_log for trailing 12 months showing each incident's classification, intake date, escalation timestamp, assigned investigator, resolution date, and closure status",
     "post_incident_review_reports for each Level 2+ incident containing root cause analysis, affected population estimate, corrective action plan with owner and deadline, and policy or system change traceable to the finding",
     "regulatory_notification_assessment_records for Level 3+ incidents showing evaluation of EU AI Act Art. 73 reporting obligations and notification status where applicable"
    ],
    "machine_tests": [
     "Query ethics incident log for all Level 2+ incidents in trailing 12 months → assert escalation_timestamp minus intake_timestamp <= 4 hours for Level 2 and <= 1 hour for Level 3 incidents",
     "Query ethics incident log for all Level 2+ incidents → assert post_incident_review_status='complete' and review_completed_date is not null for each incident",
     "Query incident procedure document registry → assert current_version_date within past 24 months AND severity_levels_count >= 3 AND regulatory_notification_section_present=true"
    ],
    "human_review": [
     "Select two closed Level 2+ incidents and trace the post-incident review finding to a documented policy change, training update, or system modification — verify the finding did not result in a memo with no traceable corrective action",
     "Assess severity classification framework calibration against EU AI Act Art. 73 serious incident definition: verify that Level 3 criteria capture the incident categories that would trigger regulatory notification obligations",
     "Evaluate the affected party notification procedure for operational readiness: confirm it specifies identification method for affected individuals, notification content template, and delivery channel with a named responsible role"
    ],
    "blocking_effect": "requires-review",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Handling AI ethics incidents through informal communications (Slack messages, email threads) without a formal intake record, preventing auditability of the organization's awareness and response timeline",
     "Using severity classifications so broad that all incidents are classified as Level 1 and none escalate to Level 2, preventing C-suite awareness of confirmed ethical harms",
     "Conducting post-incident reviews that produce narrative findings without specific corrective action owners, deadlines, or implementation tracking — creating review theater with no accountability for improvement",
     "Treating ethics incidents as PR or legal management problems rather than systematic governance events, routing incidents to communications teams before Ethics Officers have conducted a formal assessment",
     "Failing to assess regulatory notification obligations for severe incidents, creating regulatory exposure when Art. 73 notification requirements apply but are not evaluated within the required timeframe"
    ],
    "update_status": "current",
    "layer_code": "EG"
   },
   {
    "id": "EG-07",
    "layer": "EG",
    "plane": "both",
    "name": "Ethics Program Metrics and Effectiveness Measurement",
    "plain": "The enterprise must define, collect, and report a portfolio of metrics that measure whether the AI ethics program is achieving its stated objectives, including leading and lagging indicators across governance, training, incident response, and system-level ethical performance.",
    "threat": {
     "tags": [
      "ethics-program-blindness",
      "metric-gaming",
      "effectiveness-gap",
      "accountability-vacuum"
     ],
     "desc": "Without structured metrics, ethics programs become compliance theater: activities are performed but outcomes are unmeasured. Organizations cannot demonstrate ethics program effectiveness to regulators, boards, or the public. Metric absence creates accountability vacuums where significant investment in ethics governance produces no measurable improvement in AI system ethical performance. When metrics exist but are poorly designed, organizations optimize for appearance rather than outcomes."
    },
    "standard": [
     {
      "id": "iso_42001",
      "section": "§9.1",
      "title": "AI management system performance monitoring and measurement"
     },
     {
      "id": "nist_rmf",
      "section": "MEASURE 2.1",
      "title": "AI risk metrics and monitoring"
     },
     {
      "id": "ieee_7000",
      "section": "§9.3",
      "title": "Metrics for ethical performance of AI systems"
     },
     {
      "id": "oecd_ai_principles",
      "section": "Principle 1.5",
      "title": "Accountability through measurable AI ethics outcomes"
     }
    ],
    "sources": [
     {
      "id": "anthropic_rsp_2024",
      "title": "Anthropic Responsible Scaling Policy v3.3",
      "authority": "Anthropic, PBC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "3.3",
      "published_on": "2026-05-26",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.anthropic.com/responsible-scaling-policy",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "anthropic_rsp",
      "relationship": "informative_reference",
      "rationale": "Establishes Anthropic Responsible Scaling Policy v3.3 requirements informing the apeiris://ethics/controls/EG-07 Ethics Program Metrics and Effectiveness Measurement control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "openai_model_spec_2024",
      "title": "OpenAI Model Specification",
      "authority": "OpenAI, L.L.C.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2024",
      "published_on": "2024-05-08",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://cdn.openai.com/spec/model-spec-2024-05-08.html",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "openai_model_spec_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes OpenAI Model Specification requirements informing the apeiris://ethics/controls/EG-07 Ethics Program Metrics and Effectiveness Measurement control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/EG-07 Ethics Program Metrics and Effectiveness Measurement control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/EG-07 Ethics Program Metrics and Effectiveness Measurement control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "ibm_ai_fairness_360_2021",
      "title": "IBM AI Fairness 360 (AIF360)",
      "authority": "IBM Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2018",
      "published_on": "2018-09-19",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://github.com/Trusted-AI/AIF360",
      "license": "open-source-apache2",
      "status": "current",
      "flagship": false,
      "source_id": "ibm_ai_fairness_360_2021",
      "relationship": "informative_reference",
      "rationale": "Establishes IBM AI Fairness 360 (AIF360) requirements informing the apeiris://ethics/controls/EG-07 Ethics Program Metrics and Effectiveness Measurement control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Define a balanced ethics metrics portfolio: governance metrics (board briefing frequency, training completion rates, policy coverage), process metrics (due diligence completion, incident response SLA adherence), and outcome metrics (ethics incident rate, bias finding remediation rate, regulatory finding rate). Report quarterly to the Ethics Board and semi-annually to executive leadership.",
     "steps": [
      "Define the ethics metrics portfolio with a balanced mix of leading indicators (training completion, policy coverage, due diligence completion) and lagging indicators (ethics incident rate, regulatory findings, bias remediation rate).",
      "Establish data collection mechanisms for each metric: automated where possible (training system completions, incident log counts), manual where required (policy review dates, audit completion).",
      "Create a quarterly ethics metrics dashboard for the Ethics Board with trend analysis, threshold alerts, and action items for metrics below target.",
      "Publish an annual AI ethics effectiveness report to executive leadership and, where appropriate, to the board of directors and external stakeholders.",
      "Review the metrics portfolio annually to retire metrics that have lost discriminating power and add metrics that address emerging ethics risks."
     ],
     "ethics_officer": {
      "summary": "Metrics are only valuable if they measure what matters. Design outcome metrics that would change if the ethics program failed, not just activity metrics that measure effort. The most important metric is one that would give you early warning of a systemic failure.",
      "actions": [
       "Design the metrics portfolio with a deliberate split of leading indicators (preventive) and lagging indicators (outcome), ensuring both are covered.",
       "Establish clear targets and alert thresholds for each metric, documented in the metrics framework.",
       "Use metrics reviews as an input to ethics program strategy: declining metrics should trigger program adjustments, not just reporting."
      ],
      "failure_signals": [
       "Ethics metrics portfolio contains only activity metrics with no outcome indicators.",
       "Metrics have not been reviewed or updated in the past 12 months.",
       "No ethics metrics have triggered program adjustments in the past 12 months, suggesting possible metric insensitivity."
      ]
     },
     "grc_auditor": {
      "summary": "Ethics program metrics are the primary evidence for assessing ethics program effectiveness in regulatory examinations and certification audits. Metric design quality, collection rigor, and evidence of management action are the key audit tests.",
      "actions": [
       "Obtain the ethics metrics portfolio and assess whether it includes both leading and lagging indicators across governance, process, and outcome dimensions.",
       "Verify that metrics data is collected from documented sources and that the collection methodology is reproducible.",
       "Confirm that ethics metrics are reported to the Ethics Board and executive leadership and that action items from metrics reviews are tracked to closure."
      ],
      "metrics": [
       "Metrics portfolio balance: minimum 3 leading and 3 lagging indicators across governance, process, and outcome dimensions.",
       "Metrics reporting currency: 100% — quarterly Ethics Board reports and semi-annual executive reports published on schedule.",
       "Metrics-to-action traceability: 100% of metrics below threshold with documented action items and closure records."
      ],
      "failure_signals": [
       "Ethics metrics portfolio exists but contains only activity metrics with no outcome measurement.",
       "Quarterly metrics reports have not been published or presented to the Ethics Board.",
       "No documented action items have resulted from ethics metrics reviews in the past 12 months."
      ]
     },
     "business_stakeholder": {
      "summary": "Ethics program metrics translate governance investment into business-relevant evidence. They enable the organization to demonstrate ethics program effectiveness to customers, regulators, and investors.",
      "actions": [
       "Request inclusion of key ethics performance metrics in investor, customer, and regulatory disclosures where appropriate.",
       "Use ethics metrics trend data to identify business units or AI systems with elevated ethics risk profiles and prioritize governance resources accordingly."
      ],
      "failure_signals": [
       "No ethics metrics are available to support investor or regulatory inquiries.",
       "Business units cannot identify their ethics performance metrics or how they compare to organizational targets."
      ]
     },
     "data_scientist": {
      "summary": "Technical ethics metrics — fairness measurements, bias finding rates, model card completeness — are inputs to the program-level metrics dashboard. Your rigor in measuring technical ethics properties is what makes outcome metrics credible.",
      "actions": [
       "Ensure model evaluations produce quantitative fairness metrics documented in model cards or evaluation reports.",
       "Report bias findings and remediation status through the formal ethics metrics data collection process.",
       "Participate in metrics review discussions to provide technical context for anomalous metric values."
      ],
      "failure_signals": [
       "Model evaluations do not produce quantitative fairness metrics.",
       "Bias findings are undocumented or not reported through ethics metrics channels."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "managed",
     "notes": "Ethics program metrics are uncommon; most programs track activity completion but not ethical outcome effectiveness."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise"
    ],
    "implementers": [
     "Ethics Office",
     "GRC Team",
     "AI Product Teams",
     "Executive Leadership"
    ],
    "frameworks": [
     {
      "framework": "iso_42001",
      "requirement_id": "§9.1",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 §9.1 requires organizations to monitor, measure, analyze, and evaluate the performance of the AI management system. This control directly implements the measurement and evaluation requirements of §9.1 through a structured metrics portfolio.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "MEASURE 2.1",
      "fit": "direct",
      "rationale": "NIST AI RMF MEASURE 2.1 requires that AI risk metrics and monitoring approaches are defined and implemented. This control implements the MEASURE function requirement for a structured portfolio of ethics and risk metrics with defined collection and reporting processes.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "ieee_7000",
      "requirement_id": "§9.3",
      "fit": "partial",
      "rationale": "IEEE 7000-2021 §9.3 requires that metrics be defined to evaluate the ethical performance of AI systems over their operational lifetime. This control extends these technical metrics requirements to the program governance level with a balanced portfolio of leading and lagging indicators.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 9(4)",
      "fit": "partial",
      "rationale": "EU AI Act Article 9(4) requires that the risk management system for high-risk AI is a continuous iterative process requiring examination of performance indicators. Ethics program metrics that include system-level outcomes provide the measurement basis for this continuous risk management process.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.5",
      "fit": "adjacent",
      "rationale": "OECD AI Principles on accountability require that AI actors can demonstrate accountability for their AI systems' behavior. A metrics portfolio that measures ethics program effectiveness is the evidentiary basis for demonstrating that accountability principle.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "anthropic_rsp",
      "requirement_id": "Risk Reports (evaluation-gated deployment)",
      "fit": "partial",
      "rationale": "RSP v3.3 measures safety through defined capability evaluations with documented consequences recorded in Risk Reports, rather than through activity counts. EG-07's metrics portfolio should include the same outcome-based layer — measurable assessments of whether deployed systems actually meet ethical behavior standards — alongside governance activity metrics.",
      "normative_force": "best-practice",
      "source_version": "3.3",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "openai_model_spec",
      "requirement_id": "Stay in bounds; Seek the truth together; Do the best work",
      "fit": "partial",
      "rationale": "The Model Spec expresses OpenAI's behavioral objectives as named, observable standards — staying in bounds, seeking the truth together, doing the best work — that can be evaluated against model outputs. EG-07 ethics program metrics can use such published behavioral categories as reference outcome dimensions, translating governance principles into measurable indicators rather than tracking activity completion alone.",
      "normative_force": "best-practice",
      "source_version": "2025-12-18",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goals A1–A5 (Accountability)",
      "fit": "partial",
      "rationale": "Microsoft Responsible AI Standard v2 Accountability goals include explicit requirements for measuring responsible AI outcomes through impact assessment monitoring and documented evidence of governance effectiveness. The standard's systematic requirements for fairness, transparency, reliability, and accountability evaluations provide specific metric categories — impact assessment completion rates, fairness evaluation findings, transparency documentation coverage — that map directly to the governance and outcome layers of an Ethics Program Metrics and Effectiveness Measurement portfolio.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to due diligence and oversight that can be demonstrated through outcomes. An EG-07 metrics portfolio that measures fairness, transparency, and accountability outcomes — not just governance activity — converts those commitments into observable, reportable program performance data.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "ibm_ai_fairness",
      "requirement_id": "Fairness metrics (quantitative outcome indicators)",
      "fit": "partial",
      "rationale": "AIF360's computable fairness metrics supply the quantitative system-level outcome indicators for an EG-07 ethics metrics portfolio, making fairness outcomes measurable rather than purely qualitative. Metric results from scheduled batch evaluations feed the outcome layer of the program dashboard.",
      "normative_force": "best-practice",
      "source_version": "2018",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/EG-07",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "The organization must maintain an active ethics metrics portfolio containing a minimum of three leading indicators and three lagging indicators across governance, process, and outcome dimensions, with documented collection methodology, quarterly Ethics Board reporting, and traceable action items for any metric below defined threshold. At least one outcome metric must measure system-level ethical performance such as bias finding rate or ethics incident rate.",
    "evidence_required": [
     "ethics_metrics_portfolio_document defining each metric with name, type (leading/lagging), dimension (governance/process/outcome), collection source, target value, threshold, and reporting cadence",
     "quarterly_ethics_metrics_dashboard_reports for trailing 12 months showing metric values, trend indicators, threshold alert status, and action items for below-threshold metrics",
     "action_item_tracking_records linking below-threshold metrics to specific corrective actions with owner, deadline, and closure evidence demonstrating that metrics reviews drive program adjustments",
     "annual_ethics_effectiveness_report submitted to executive leadership and the Ethics Board with program-level assessment against stated ethics objectives"
    ],
    "machine_tests": [
     "Query ethics metrics portfolio → assert minimum 3 metrics with type='leading' and minimum 3 with type='lagging', with at least one outcome metric containing system_level_measurement=true",
     "Query quarterly metrics report index → assert 4 quarterly reports published within the trailing 12-month period each with report_date, metrics_snapshot, and action_items_count field populated",
     "Cross-reference metrics below threshold from all quarterly reports against action_item_tracking → assert zero below-threshold metric instances without a corresponding action item record with owner and deadline"
    ],
    "human_review": [
     "Assess whether the outcome metrics in the portfolio would actually change if the ethics program failed — test sensitivity by evaluating whether any current metric value would detect a 25% increase in ethics incident rate or a significant bias finding in a deployed model",
     "Review metrics collection methodology documentation for two outcome metrics to verify the collection method is reproducible by a different analyst and the data source is authoritative rather than self-reported",
     "Evaluate the annual ethics effectiveness report against stated ethics program objectives: verify the report draws conclusions about objective achievement rather than only reporting activity counts"
    ],
    "blocking_effect": "advisory",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Building an ethics metrics portfolio composed entirely of activity metrics (training completed, policies reviewed, meetings held) with no outcome metrics that would detect failure in actual AI system ethical performance",
     "Publishing quarterly ethics metrics dashboards without threshold alerts or action items, reporting metrics as informational without committing to any programmatic response when metrics fall below target",
     "Selecting metrics that are easily gamed (e.g., self-reported ethics concern count rather than independently audited bias finding rate), creating reporting that shows positive trends while underlying ethical performance deteriorates",
     "Failing to review the metrics portfolio annually, allowing metrics to lose discriminating power as the AI ethics program matures while the portfolio continues reporting the same indicators",
     "Tracking metrics without linking them to program strategy: below-threshold metrics result in notes in the report rather than triggering specific adjustments to training, process, or governance priorities"
    ],
    "update_status": "current",
    "layer_code": "EG"
   },
   {
    "id": "EG-08",
    "layer": "EG",
    "plane": "lifecycle",
    "name": "EthicsAttestation Production",
    "plain": "The enterprise must produce the EthicsAttestation artifact (EG-08) by aggregating evidence from all ethics domain controls (EF, FA, XP, HI, FM, EG layers), applying a confidence assessment, and signing the attestation to certify that AI ethics governance is implemented and evidenced for a defined scope, period, and set of AI systems.",
    "threat": {
     "tags": [
      "attestation-gap",
      "evidence-incompleteness",
      "certification-failure",
      "governance-opacity"
     ],
     "desc": "Without a formal attestation artifact, ethics governance remains an internal process with no authoritative, time-bound, signed record of compliance status. Regulators, auditors, and supply chain partners cannot verify ethics governance without a machine-readable, signed attestation. Evidence accumulated across ethics domain controls provides no assurance value unless aggregated, assessed for completeness, and expressed as a formal attestation with explicit confidence and validity bounds."
    },
    "standard": [
     {
      "id": "iso_42001",
      "section": "§9.3",
      "title": "AI management system review output and attestation"
     },
     {
      "id": "nist_rmf",
      "section": "GOVERN 4.2",
      "title": "Documented evidence of AI governance and ethics program"
     },
     {
      "id": "eu_ai_act",
      "section": "Art. 43",
      "title": "Conformity assessment and documentation for high-risk AI"
     },
     {
      "id": "oecd_ai_principles",
      "section": "Principle 1.5",
      "title": "Documented accountability with evidence"
     }
    ],
    "sources": [
     {
      "id": "anthropic_rsp_2024",
      "title": "Anthropic Responsible Scaling Policy v3.3",
      "authority": "Anthropic, PBC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "3.3",
      "published_on": "2026-05-26",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.anthropic.com/responsible-scaling-policy",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "anthropic_rsp",
      "relationship": "informative_reference",
      "rationale": "Establishes Anthropic Responsible Scaling Policy v3.3 requirements informing the apeiris://ethics/controls/EG-08 EthicsAttestation Production control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "openai_model_spec_2024",
      "title": "OpenAI Model Specification",
      "authority": "OpenAI, L.L.C.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2024",
      "published_on": "2024-05-08",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://cdn.openai.com/spec/model-spec-2024-05-08.html",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "openai_model_spec_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes OpenAI Model Specification requirements informing the apeiris://ethics/controls/EG-08 EthicsAttestation Production control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "microsoft_rai_standard_v2_2022",
      "title": "Microsoft Responsible AI Standard v2",
      "authority": "Microsoft Corporation",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2",
      "published_on": "2022-06-21",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.microsoft.com/en-us/ai/responsible-ai",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "microsoft_rai_standard_v2_2022",
      "relationship": "informative_reference",
      "rationale": "Establishes Microsoft Responsible AI Standard v2 requirements informing the apeiris://ethics/controls/EG-08 EthicsAttestation Production control.",
      "reviewed_on": "2026-07-01"
     },
     {
      "id": "google_ai_principles_2023",
      "title": "Google AI Principles",
      "authority": "Google LLC",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2025",
      "published_on": "2025-02-04",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://ai.google/responsibility/principles/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "google_ai_principles_2023",
      "relationship": "informative_reference",
      "rationale": "Establishes Google AI Principles requirements informing the apeiris://ethics/controls/EG-08 EthicsAttestation Production control.",
      "reviewed_on": "2026-07-02"
     },
     {
      "id": "meta_llama_responsible_use_2024",
      "title": "Meta Llama Responsible Use Guide",
      "authority": "Meta Platforms, Inc.",
      "source_type": "vendor-guidance",
      "normative_force": "best-practice",
      "version": "2023",
      "published_on": "2023-07-18",
      "retrieved_on": "2026-06-29",
      "canonical_url": "https://www.llama.com/responsible-use-guide/",
      "license": "proprietary-free",
      "status": "current",
      "flagship": false,
      "source_id": "meta_llama_responsible_use_2024",
      "relationship": "informative_reference",
      "rationale": "Establishes Meta Llama Responsible Use Guide requirements informing the apeiris://ethics/controls/EG-08 EthicsAttestation Production control.",
      "reviewed_on": "2026-07-02"
     }
    ],
    "implementation": {
     "pattern": "Define the EthicsAttestation schema extending the Apeiris evidence ontology. Build an attestation production workflow that: (1) collects evidence artifacts from all six ethics layers (EF, FA, XP, HI, FM, EG-01 through EG-07), (2) evaluates completeness against the evidence_completeness_status field, (3) computes a composite confidence score, (4) produces the EthicsAttestation JSON artifact, (5) signs with Ed25519, and (6) registers the artifact in the evidence graph.",
     "steps": [
      "Define the EthicsAttestation schema: extend the Apeiris evidence ontology with ethics-specific fields including ethics_layer_coverage (array of layer attestation hashes), composite_confidence, blocking_effect, and ethics_program_maturity_level.",
      "Build the evidence collection workflow that queries the evidence graph for all ethics domain evidence artifacts within the attestation scope (defined by system_id, organization_id, period_start, period_end).",
      "Implement completeness evaluation: map collected evidence to the required controls for each ethics layer and compute evidence_completeness_status as complete, partial, or incomplete.",
      "Compute composite confidence: aggregate individual control confidence scores using the domain weighting defined in the Apeiris federation spec, apply penalties for incomplete evidence layers.",
      "Produce, sign (Ed25519), and register the EthicsAttestation artifact with required ontology fields: evidence_id, actor, intent, action, resource, policy, obligation, verdict, blocking_effect, confidence, confidence_basis, collected_at, valid_from, valid_until, reviewed_on, source_freshness_status, residual_risk, producer_verifier, consumer_verifiers, evidence_completeness_status, runtime_gate_required, integrity.hash (sha256), integrity.signature (Ed25519).",
      "Publish the attestation to the federation endpoint at apeiris://ethics/controls/EG-08 and notify registered consumer_verifiers via the attestation change event protocol."
     ],
     "ethics_officer": {
      "summary": "The EthicsAttestation is the authoritative, signed record of ethics governance posture. Its value depends entirely on the completeness and quality of evidence from all six ethics layers. Attestation gaps expose the organization to regulatory challenge.",
      "actions": [
       "Define the attestation scope (systems, period, organizational boundary) and ensure evidence collection workflows are scoped consistently.",
       "Review the composite confidence score and blocking_effect before signing; challenge any attestation with confidence below organizational threshold.",
       "Ensure the attestation production process is run at least annually, before major AI system deployments, and on demand for regulatory inquiries."
      ],
      "failure_signals": [
       "EthicsAttestation has not been produced in the past 12 months.",
       "Attestation confidence score is below organizational threshold without documented residual risk acceptance.",
       "Evidence completeness status is 'incomplete' for any required ethics layer."
      ]
     },
     "legal_counsel": {
      "summary": "The EthicsAttestation is a formal compliance artifact with legal significance for regulatory examinations. Its production, content, retention, and disclosure must be managed with the same care as other legal compliance documentation.",
      "actions": [
       "Review the EthicsAttestation schema and verify it includes all fields required by applicable regulations, particularly EU AI Act conformity documentation requirements.",
       "Establish retention policies for EthicsAttestation artifacts: minimum 10 years for high-risk AI systems under EU AI Act, longer if required by sector regulation.",
       "Define disclosure procedures: when attestation artifacts may be shared with regulators, auditors, and supply chain partners, and what redactions if any are required."
      ],
      "failure_signals": [
       "EthicsAttestation artifacts are not retained under a documented retention policy.",
       "Attestation disclosure procedures are undefined, creating ad hoc responses to regulatory requests."
      ]
     },
     "grc_auditor": {
      "summary": "The EthicsAttestation is the apex evidence artifact for the ethics domain. Audit procedures should verify the attestation production process, evidence completeness, confidence computation, and integrity controls.",
      "actions": [
       "Request the most recent EthicsAttestation artifact and verify it conforms to the Apeiris evidence ontology schema.",
       "Verify the Ed25519 signature and sha256 hash integrity of the attestation artifact.",
       "Trace the attestation's evidence_completeness_status to the underlying layer evidence artifacts and verify at least three referenced artifacts for completeness.",
       "Confirm that attestation valid_until date is current and the artifact has not expired."
      ],
      "metrics": [
       "EthicsAttestation production currency: 100% — valid non-expired attestation in registry.",
       "Attestation evidence completeness: target 'complete' status for all six ethics layers.",
       "Attestation confidence: above organizational minimum threshold (default 0.75 composite score).",
       "Attestation integrity: 100% — valid Ed25519 signature and matching sha256 hash."
      ],
      "failure_signals": [
       "No valid EthicsAttestation in the evidence registry.",
       "Attestation evidence_completeness_status is 'incomplete' for one or more ethics layers.",
       "Signature verification fails or hash mismatch detected.",
       "Attestation valid_until has passed without renewal."
      ]
     },
     "business_stakeholder": {
      "summary": "The EthicsAttestation is the machine-readable, signed proof of ethics governance that can be shared with regulators, customers, and supply chain partners. It converts ethics governance investment into a transferable trust artifact.",
      "actions": [
       "Understand when and how EthicsAttestation artifacts can be shared externally to support customer due diligence, regulatory examinations, and supply chain trust inquiries.",
       "Ensure the attestation production schedule aligns with customer contract renewal dates, regulatory submission deadlines, and public disclosure obligations."
      ],
      "failure_signals": [
       "EthicsAttestation cannot be located or shared in response to a regulatory inquiry within the required timeframe.",
       "Attestation production schedule is not aligned with known external disclosure obligations."
      ]
     }
    },
    "maturity": {
     "current": "initial",
     "target": "defined",
     "notes": "Formal AI ethics attestation artifacts are rare; this control represents a leading-edge governance practice that most organizations will build toward over multiple maturity stages."
    },
    "capability_risk": {
     "capability_level": "none"
    },
    "tiers": [
     "universal-enterprise",
     "high-risk-sector",
     "eu-high-risk-ai",
     "federated-enterprise",
     "multi-tenant"
    ],
    "implementers": [
     "Ethics Office",
     "Platform Engineering",
     "GRC Team",
     "Legal Counsel"
    ],
    "frameworks": [
     {
      "framework": "iso_42001",
      "requirement_id": "§9.3",
      "fit": "direct",
      "rationale": "ISO/IEC 42001:2023 §9.3 requires top management to review the AI management system at planned intervals and produce documented outputs of the review. The EthicsAttestation production control directly implements this management review and documented output requirement.",
      "normative_force": "certification-standard",
      "source_version": "2023",
      "reviewed_on": "2026-06-29",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "nist_rmf",
      "requirement_id": "GOVERN 4.2",
      "fit": "direct",
      "rationale": "NIST AI RMF GOVERN 4.2 requires documentation and communication of AI risks and impacts in support of organizational accountability. The EthicsAttestation is the apex documentation artifact that fulfills this communication and documentation requirement across the entire ethics domain.",
      "normative_force": "voluntary-standard",
      "source_version": "1.0",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "eu_ai_act",
      "requirement_id": "Art. 43",
      "fit": "direct",
      "rationale": "EU AI Act Article 43 requires conformity assessment procedures for high-risk AI systems and mandates that technical documentation demonstrate conformity. The EthicsAttestation, with its signed evidence aggregation and completeness assessment, directly serves as the conformity documentation required under Art. 43.",
      "normative_force": "binding-law",
      "source_version": "2024/1689",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "satisfies"
     },
     {
      "framework": "oecd_ai_principles",
      "requirement_id": "Principle 1.5",
      "fit": "direct",
      "rationale": "OECD AI Principles on accountability require that AI actors can be held accountable and that accountability is demonstrable. A signed, time-bounded EthicsAttestation with explicit confidence and evidence completeness fields is the formal accountability demonstration this principle requires.",
      "normative_force": "voluntary-standard",
      "source_version": "2024",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "un_ethics_ai",
      "requirement_id": "¶47 (Multi-stakeholder and adaptive governance)",
      "fit": "adjacent",
      "rationale": "UNESCO Recommendation ¶47's multi-stakeholder governance expectations presuppose verifiable accountability artifacts. A signed, machine-readable EthicsAttestation gives external stakeholders a verifiable record of the organization's ethics posture, supporting participatory oversight.",
      "normative_force": "voluntary-standard",
      "source_version": "2021",
      "reviewed_on": "2026-07-02",
      "basis": "asserted",
      "relation": "informs"
     },
     {
      "framework": "anthropic_rsp",
      "requirement_id": "Governance and Transparency — Risk Reports",
      "fit": "partial",
      "rationale": "The RSP v3.3 functions as an organization-level, versioned commitment artifact: explicit obligations, defined conditions of validity, mandatory assessments documented in Risk Reports, and governance sign-off. EG-08's EthicsAttestation adopts the same design — a signed, time-bounded artifact whose confidence is conditioned on evidence completeness — for the enterprise ethics domain.",
      "normative_force": "best-practice",
      "source_version": "3.3",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "openai_model_spec",
      "requirement_id": "Overview (published model behavior specification)",
      "fit": "partial",
      "rationale": "The Model Spec is a formal, versioned governance document in which OpenAI states the behavioral standards its models are held to. For EG-08, it models the kind of vendor-published behavioral commitment that EthicsAttestation evidence collection should reference when attesting systems built on third-party models, and its dated versioning illustrates the time-bounded validity an attestation artifact requires.",
      "normative_force": "best-practice",
      "source_version": "2025-12-18",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "microsoft_rai",
      "requirement_id": "Goals T1–T3 (Transparency); Goals A1–A5 (Accountability)",
      "fit": "partial",
      "rationale": "Microsoft Responsible AI Standard v2 Transparency requirements and Accountability goals include obligations to document responsible AI governance posture and communicate it to relevant stakeholders in a verifiable form. The EthicsAttestation Production control implements these transparency and documentation obligations by producing a machine-readable, Ed25519-signed artifact with explicit confidence, evidence completeness, and validity fields that satisfy formal accountability reporting requirements.",
      "normative_force": "best-practice",
      "source_version": "v2 (2022)",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "equivalent_to"
     },
     {
      "framework": "google_ai_principles",
      "requirement_id": "Responsible development and deployment — appropriate human oversight, due diligence, and feedback mechanisms",
      "fit": "partial",
      "rationale": "Google's current AI Principles (the 2025 revision, which replaced the 2018 seven-principles list with three pillars — Bold innovation; Responsible development and deployment; Collaborative progress) commit to oversight and due diligence that external parties can verify. EG-08's EthicsAttestation — a signed, time-bounded artifact with explicit confidence and evidence-completeness fields — is the demonstrable accountability record that makes such verification possible.",
      "normative_force": "best-practice",
      "source_version": "2025",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     },
     {
      "framework": "meta_llama_rai",
      "requirement_id": "Build transparency and reporting mechanisms",
      "fit": "partial",
      "rationale": "Meta's published Llama evaluations and use policies are vendor-level evidence artifacts that enterprise EthicsAttestation workflows should collect when attesting systems built on third-party models. EG-08 evidence completeness assessment should include provider safety documentation — evaluation results, red-teaming outcomes, and use-policy commitments — of the kind Meta publishes for Llama.",
      "normative_force": "best-practice",
      "source_version": "2023",
      "reviewed_on": "2026-07-02",
      "basis": "anchored",
      "relation": "informs"
     }
    ],
    "canonical_id": "apeiris://ethics/controls/EG-08",
    "meta": {
     "authored_on": "2026-06-29",
     "schema_version": "1.1.0"
    },
    "validation_objective": "The organization must produce a signed EthicsAttestation artifact (Ed25519 signature with sha256 integrity hash) aggregating evidence from all six ethics domain layers (EF, FA, XP, HI, FM, EG), with evidence_completeness_status assessed per layer, composite confidence >= 0.75, and valid_until date current. The attestation must be registered in the evidence registry and retrievable for regulatory inspection within defined SLA.",
    "evidence_required": [
     "EthicsAttestation_artifact (JSON) conforming to Apeiris evidence ontology schema with all required fields: evidence_id, actor, intent, action, resource, policy, obligation, verdict, blocking_effect, confidence, confidence_basis, collected_at, valid_from, valid_until, integrity.hash (sha256), integrity.signature (Ed25519)",
     "ethics_layer_coverage_map within the attestation showing per-layer evidence_completeness_status (complete/partial/incomplete) for each of the six ethics domain layers with referenced evidence artifact IDs",
     "attestation_production_workflow_log showing evidence collection scope (system_id, organization_id, period_start, period_end), completeness evaluation output, confidence computation inputs, and signing event timestamp",
     "evidence_registry_registration_record confirming EthicsAttestation canonical_id apeiris://ethics/controls/EG-08 is registered with non-expired valid_until date and retrievable via registry query",
     "consumer_verifier_notification_log confirming registered consumer_verifiers were notified of attestation issuance via the attestation change event protocol"
    ],
    "machine_tests": [
     "Query evidence registry for EthicsAttestation → assert valid_until > today AND evidence_completeness_status != 'incomplete' for all six ethics layers AND confidence >= 0.75",
     "Retrieve EthicsAttestation artifact and verify Ed25519 signature against registered public key → assert signature_valid=true AND sha256(artifact_canonical_form) == integrity.hash",
     "Parse ethics_layer_coverage_map → assert all six layer slugs (EF, FA, XP, HI, FM, EG) are present with evidence_completeness_status field set and at least one referenced evidence_artifact_id per layer",
     "Query attestation production log → assert most_recent_attestation_date within past 365 days AND scope includes all AI systems in current production inventory"
    ],
    "human_review": [
     "Review the composite confidence computation methodology and verify it applies appropriate layer weighting per the Apeiris federation spec, with documented rationale for any layer where confidence was penalized for incomplete evidence",
     "Sample three evidence artifact references from the ethics_layer_coverage_map and verify the referenced artifacts exist in the evidence registry, are within their validity period, and cover the controls they claim to evidence",
     "Assess the attestation scope definition against actual AI systems in production to verify no material AI systems were excluded from the attestation scope without documented rationale"
    ],
    "blocking_effect": "blocks-deployment",
    "normative_status": "binding-law",
    "anti_patterns": [
     "Producing an EthicsAttestation without a defined evidence collection scope, resulting in an attestation that covers some AI systems but excludes others without documenting which systems are in scope",
     "Signing an EthicsAttestation with evidence_completeness_status='incomplete' for one or more ethics layers without documenting the gap, residual risk accepted, and responsible approver — creating a signed artifact that overstates ethics governance coverage",
     "Treating the EthicsAttestation as an annual audit artifact rather than a living evidence artifact, failing to renew it before significant AI system deployments or when evidence validity expires",
     "Storing the EthicsAttestation as an internal document without registry registration or consumer_verifier notification, preventing supply chain partners and regulators from querying attestation status programmatically",
     "Computing composite confidence by averaging control pass rates without weighting by layer criticality or applying penalties for incomplete evidence layers, producing an inflated confidence score that does not reflect actual ethics governance coverage"
    ],
    "update_status": "draft",
    "cross_domain": {
     "feeds": [
      "apeiris://compliance/controls/AU-08"
     ]
    },
    "layer_code": "EG"
   },
   {
    "id": "EG-09",
    "layer": "EG",
    "layer_code": "EG",
    "plane": "both",
    "canonical_id": "apeiris://ethics/controls/EG-09",
    "name": "Environmental Sustainability and Compute Impact Disclosure",
    "plain": "Each model discloses its training and inference compute-energy footprint, and a proportionality assessment justifies that environmental cost against the model's benefit — with an efficiency threshold for high-footprint systems.",
    "threat": {
     "tags": [
      "environmental-impact",
      "compute-footprint",
      "sustainability-opacity"
     ],
     "desc": "AI systems consume large amounts of energy and compute with no disclosure or proportionality check, creating an unmeasured environmental impact (PLOT4ai Safety & Environmental Impact; EU AI Act sustainability provisions). No control across the corpus addresses model energy/carbon footprint."
    },
    "standard": [
     "PLOT4ai — Safety & Environmental Impact",
     "EU AI Act — sustainability & energy-efficiency provisions (Art. 40 / codes of conduct)",
     "ISO/IEC 42001:2023 — environmental objectives"
    ],
    "sources": [
     {
      "id": "plot4ai",
      "title": "PLOT4ai — Practical Library Of Threats 4 AI",
      "authority": "PLOT4ai",
      "source_type": "industry-framework",
      "normative_force": "best-practice",
      "version": "1.0",
      "published_on": "2025-01-01",
      "retrieved_on": "2026-07-08",
      "canonical_url": "https://plot4.ai/library",
      "relationship": "supporting_guidance",
      "note": "The safety and environmental-impact threat guidance grounds the environmental-impact concern this control addresses."
     }
    ],
    "implementation": {
     "pattern": "Measure and disclose per-model training + inference energy/compute footprint, and record a proportionality assessment (impact justified vs benefit) with an efficiency threshold for high-footprint models.",
     "steps": [
      "Estimate and record training energy/compute and representative inference energy per model in the model documentation.",
      "Document a proportionality assessment: is the environmental cost justified by the model's benefit and are lower-footprint alternatives considered?",
      "Set an efficiency threshold above which a high-footprint model requires senior sign-off.",
      "Publish the compute-impact disclosure with the model card / documentation."
     ]
    },
    "validation": {
     "design_check": [
      "Model documentation includes a training + inference energy/compute footprint estimate. [ref:plot4ai]",
      "A proportionality assessment (impact vs benefit, alternatives considered) is recorded, with an efficiency threshold for high-footprint systems."
     ],
     "runtime_check": [
      "Model release checklist requires a completed compute-impact disclosure."
     ]
    },
    "lenses": {
     "business_stakeholder": "Understand and own the environmental cost and proportionality of deploying the model.",
     "legal_counsel": "Map the disclosure to EU AI Act sustainability provisions and any reporting obligations.",
     "data_scientist": "Measure training/inference energy and evaluate lower-footprint model or serving alternatives.",
     "grc_auditor": "Evidence that each model carries a compute-impact disclosure and proportionality assessment.",
     "ethics_officer": "Own the proportionality judgment and the efficiency threshold for high-footprint systems."
    },
    "maturity": {
     "current": "initial",
     "target": "defined"
    },
    "coverage_note": "Closes the environmental/sustainability whitespace (no prior control in any domain addresses model energy/carbon footprint).",
    "frameworks": [
     {
      "framework": "plot4ai",
      "requirement_id": "safety-and-environmental-impact",
      "fit": "supporting",
      "rationale": "PLOT4ai Safety & Environmental Impact category grounds this control's environmental scope.",
      "normative_force": "best-practice",
      "source_version": "1.0",
      "reviewed_on": "2026-07-08",
      "basis": "anchored",
      "relation": "defends_against"
     }
    ],
    "capability_risk": {
     "capability_level": "none",
     "access_mode": "internal",
     "autonomy": "none",
     "external_reach": "internal",
     "irreversibility": "reversible",
     "data_sensitivity": "internal",
     "deployment_scale": "enterprise",
     "affected_party_impact": "low"
    },
    "validation_objective": "Prove that each model discloses its training and inference compute-energy footprint and records a proportionality assessment justifying the environmental cost against benefit, with an efficiency threshold triggering senior sign-off for high-footprint systems.",
    "evidence_required": [
     "compute_impact_disclosure per model: training energy/compute estimate, representative inference energy, and methodology",
     "proportionality_assessment record: impact-vs-benefit rationale, lower-footprint alternatives considered, and efficiency-threshold determination"
    ],
    "machine_tests": [
     "Check the model documentation set for any released model lacking a compute_impact_disclosure -> assert the release checklist flags it.",
     "For models above the efficiency threshold, check for a recorded senior sign-off -> assert present."
    ],
    "human_review": [
     "Review the proportionality assessment to confirm the environmental cost was genuinely weighed against benefit and alternatives, not rubber-stamped."
    ],
    "blocking_effect": "advisory",
    "normative_status": "best-practice",
    "anti_patterns": [
     "Reporting raw GPU-hours with no proportionality judgment or efficiency threshold.",
     "Excluding inference/serving energy and disclosing only one-time training cost."
    ],
    "update_status": "current"
   },
   {
    "id": "XP-09",
    "layer": "XP",
    "layer_code": "XP",
    "plane": "both",
    "canonical_id": "apeiris://ethics/controls/XP-09",
    "name": "AI Interface Accessibility Conformance",
    "plain": "The AI system's interface, explanations, and required notices meet a recognized accessibility standard (e.g. WCAG/ADA), so people with disabilities can perceive, operate, and understand AI-mediated decisions and disclosures.",
    "threat": {
     "tags": [
      "accessibility-exclusion",
      "inaccessible-notice",
      "disparate-access"
     ],
     "desc": "AI interfaces and their notices/explanations can be inaccessible to people with disabilities, excluding them from understanding or contesting AI-mediated decisions (PLOT4ai Transparency & Accessibility)."
    },
    "standard": [
     "PLOT4ai — Transparency & Accessibility",
     "WCAG 2.2 / ADA (interface accessibility)"
    ],
    "sources": [
     {
      "id": "plot4ai",
      "title": "PLOT4ai — Practical Library Of Threats 4 AI",
      "authority": "PLOT4ai",
      "source_type": "industry-framework",
      "normative_force": "best-practice",
      "version": "1.0",
      "published_on": "2025-01-01",
      "retrieved_on": "2026-07-08",
      "canonical_url": "https://plot4.ai/library",
      "relationship": "supporting_guidance",
      "note": "The accessibility and transparency threat guidance grounds this control's accessibility scope."
     }
    ],
    "implementation": {
     "pattern": "Accessibility conformance testing of the AI interface, explanations, and adverse-action/disclosure notices against a recognized standard, with remediation of failures.",
     "steps": [
      "Adopt a target accessibility standard (e.g. WCAG 2.2 AA) for AI interfaces and notices.",
      "Test the interface, explanation tiers (XP-06), and required notices (XP-04) for conformance.",
      "Remediate conformance failures; retain an accessibility conformance record.",
      "Include accessibility in the release checklist for user-facing AI."
     ]
    },
    "validation": {
     "design_check": [
      "A target accessibility standard is adopted and the AI interface + notices are tested against it. [ref:plot4ai]",
      "Conformance failures are tracked to remediation with a retained record."
     ],
     "runtime_check": [
      "The release checklist for user-facing AI requires an accessibility conformance record."
     ]
    },
    "lenses": {
     "business_stakeholder": "Own accessibility as a product requirement for user-facing AI.",
     "legal_counsel": "Map to ADA/accessibility obligations and disclosure requirements.",
     "data_scientist": "Ensure explanation outputs render accessibly across tiers.",
     "grc_auditor": "Evidence of accessibility conformance testing + remediation per interface.",
     "ethics_officer": "Own inclusion of people with disabilities in the AI decision/notice flow."
    },
    "maturity": {
     "current": "initial",
     "target": "defined"
    },
    "coverage_note": "Extends XP-06 (explanation tiers) + XP-04 (adverse-action notice) with interface/notice accessibility conformance.",
    "frameworks": [
     {
      "framework": "plot4ai",
      "requirement_id": "transparency-and-accessibility",
      "fit": "supporting",
      "rationale": "PLOT4ai Transparency & Accessibility category grounds the accessibility scope.",
      "normative_force": "best-practice",
      "source_version": "1.0",
      "reviewed_on": "2026-07-08",
      "basis": "anchored",
      "relation": "defends_against"
     }
    ],
    "capability_risk": {
     "capability_level": "none",
     "access_mode": "internal",
     "autonomy": "none",
     "external_reach": "internal",
     "irreversibility": "reversible",
     "data_sensitivity": "internal",
     "deployment_scale": "enterprise",
     "affected_party_impact": "medium"
    },
    "validation_objective": "Prove that the AI system's interface, explanations, and required notices are tested against a recognized accessibility standard (e.g. WCAG/ADA) and that conformance failures are remediated, so people with disabilities can perceive, operate, and understand AI-mediated decisions.",
    "evidence_required": [
     "accessibility_conformance_report against the adopted standard for the AI interface + notices",
     "remediation record for any conformance failures"
    ],
    "machine_tests": [
     "Check the release record for a user-facing AI system lacking an accessibility conformance report -> assert the checklist flags it.",
     "Check that adverse-action/disclosure notices (XP-04) meet the adopted accessibility standard."
    ],
    "human_review": [
     "Review the conformance testing to confirm it covered assistive-technology users, not just automated checkers."
    ],
    "blocking_effect": "advisory",
    "normative_status": "best-practice",
    "anti_patterns": [
     "Passing an automated accessibility scanner while the actual notice is unusable with a screen reader.",
     "Making the AI UI accessible but leaving the adverse-action explanation inaccessible."
    ],
    "update_status": "current"
   }
  ]
 }
}
