COMPLIANCE

Frameworks Agentics maps to, out of the box

Auditors don't want to read your engineering wiki. They want evidence. Agentics produces it automatically — receipts, signed manifests, control mappings, and exportable evidence packs that align to the frameworks your business actually has to answer to.

AI-specific
  • NIST AI Risk Management Framework — Govern, Map, Measure, Manage
  • ISO/IEC 42001:2023 — AI management system
  • EU AI Act — risk classification, transparency obligations, high-risk system documentation
  • OECD AI Principles — automated mapping for human-centric values
  • Anthropic Responsible Scaling Policy alignment — capability and safeguard evidence
Information security
  • SOC 2 Type II — Trust Service Criteria CC, A, C, PI, P
  • ISO/IEC 27001:2022 + Annex A controls
  • HIPAA — BAA available; PHI redaction at ingest
  • FedRAMP Moderate — In Process; gov region available on request
  • GDPR / UK GDPR / CCPA — DPIA templates, DSAR workflow, retention controls
  • PCI DSS — for in-scope AI workflows handling cardholder data
Industry packs

Drop-in mappings of receipts, risks, and controls to industry rulebooks. Toggle them on per tenant.

Get your evidence pack

Customers can generate an evidence pack at any time from /evidence. It's a signed CycloneDX 1.6 bundle with receipts, control mappings, risk register snapshots, policy decisions, incidents, and red-team results.

Open evidence locker Security