
amychenn edited this page Dec 17, 2025 · 1 revision

Compliance Frameworks

This platform is engineered to support alignment with major global AI governance frameworks.

🇺🇸 NIST AI Risk Management Framework (AI RMF 1.0)

We map directly to the four core functions of the NIST AI RMF:

| Function | AI Governance Hub Capability |
| --- | --- |
| GOVERN | Policy Engine: define organizational risk tolerance. RBAC: enforce clear roles and responsibilities. |
| MAP | Lineage Tracking: map model-to-data dependencies. Context: document intended purpose and domain. |
| MEASURE | Metrics Store: track evaluation metrics (accuracy, bias, drift) over time, per version. |
| MANAGE | Lifecycle Management: formal approval workflows (Draft -> Approved). Risk Classification: treat high-risk models differently. |

🇪🇺 EU AI Act

For organizations operating in or harmonizing with the EU:

  • Risk Classification: Native support for the 4-tier risk levels (Unacceptable, High, Limited, Minimal).
  • Technical Documentation: Generates PDF compliance reports containing required technical details (Annex IV).
  • Human Oversight: Captures oversight_plan and enforces human-in-the-loop approvals for high-risk systems.

🏛️ Federal & Public Sector Data Laws

  • HIPAA (Healthcare): The data_sensitivity: phi tag lets you segregate and audit models that touch health data.
  • FedRAMP (Cloud Security): The platform is designed to be deployed within your FedRAMP High boundary (self-hosted).
  • Fiscal/Audit (GLBA/SOX): Immutable audit logs (ComplianceLog) provide a forensic trail of every status change.
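The following Python sketch is an added illustration, not code from the AI Governance Hub project, of how the mechanisms listed on this page fit together: a Draft -> Approved lifecycle, tier-based handling that gates high-risk approvals on an oversight_plan and a distinct human approver, a data_sensitivity: phi filter, and a ComplianceLog whose entries are hash-chained so any edited or deleted status change is detectable. The names ComplianceLog, oversight_plan and data_sensitivity come from this page; the transition table, the approver rule, the hash-chain layout and the sample records are assumptions made for the example.

```python
"""Illustrative model of a risk-tiered approval workflow with a
hash-chained audit log. Added example; not the project's own code.
Field and class names mirror this wiki page; the rules below are
assumptions for illustration only."""
import hashlib
import json
from dataclasses import dataclass, field

GENESIS = "0" * 64  # chain anchor for the first log entry (assumed layout)

# The four EU AI Act tiers named on the page.
RISK_TIERS = ("unacceptable", "high", "limited", "minimal")

# Assumed lifecycle transitions; the page itself names only Draft -> Approved.
ALLOWED_TRANSITIONS = {("draft", "approved"), ("approved", "retired")}


def _digest(body: dict) -> str:
    """Canonical SHA-256 over a JSON-serialised entry body."""
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


@dataclass
class ComplianceLog:
    """Append-only log of status changes; each entry commits to the previous
    entry's hash, so rewriting or dropping history breaks verification."""
    entries: list = field(default_factory=list)

    def append(self, model_id: str, old: str, new: str, actor: str) -> str:
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        body = {"model_id": model_id, "from": old, "to": new,
                "actor": actor, "prev": prev}
        entry = dict(body, hash=_digest(body))
        self.entries.append(entry)
        return entry["hash"]

    def verify(self) -> bool:
        """Recompute every hash and link; False on any tampering or gap."""
        prev = GENESIS
        for entry in self.entries:
            body = {k: v for k, v in entry.items() if k != "hash"}
            if body["prev"] != prev or _digest(body) != entry["hash"]:
                return False
            prev = entry["hash"]
        return True


@dataclass
class ModelRecord:
    model_id: str
    risk_tier: str
    data_sensitivity: str = "none"   # "phi" marks models touching health data
    oversight_plan: str = ""         # required before a high-risk approval
    status: str = "draft"


def request_transition(record, new_status, actor, log, human_approver=None):
    """Apply a status change if policy allows it; returns (ok, reason).
    Every applied change is written to the ComplianceLog."""
    if record.risk_tier not in RISK_TIERS:
        raise ValueError(f"unknown risk tier: {record.risk_tier}")
    if record.risk_tier == "unacceptable":
        return False, "unacceptable-risk systems are never approved"
    if (record.status, new_status) not in ALLOWED_TRANSITIONS:
        return False, f"transition {record.status} -> {new_status} is not allowed"
    if new_status == "approved" and record.risk_tier == "high":
        # Human-in-the-loop gate: documented oversight plus a second person.
        if not record.oversight_plan:
            return False, "high-risk model needs an oversight_plan before approval"
        if not human_approver or human_approver == actor:
            return False, "high-risk approval needs a human approver other than the requester"
    old = record.status
    record.status = new_status
    log.append(record.model_id, old, new_status, human_approver or actor)
    return True, "ok"


def models_touching_phi(records):
    """Segregate models tagged data_sensitivity: phi for HIPAA-scoped audits."""
    return sorted(r.model_id for r in records if r.data_sensitivity == "phi")


def demo():
    """Walk a constructed high-risk PHI model through the gate, then tamper."""
    log = ComplianceLog()
    triage = ModelRecord("triage-v3", "high", data_sensitivity="phi")
    rejected = request_transition(triage, "approved", "alice", log)
    triage.oversight_plan = "clinician reviews every recommendation"
    self_approved = request_transition(triage, "approved", "alice", log,
                                       human_approver="alice")
    approved = request_transition(triage, "approved", "alice", log,
                                  human_approver="bob")
    intact = log.verify()
    log.entries[0]["to"] = "retired"   # simulated after-the-fact edit
    return rejected, self_approved, approved, intact, log.verify()


if __name__ == "__main__":
    print(demo())
```

The chain makes the log tamper-evident, not tamper-proof: whoever can rewrite the whole list can recompute every hash. In a deployment the current head hash would be anchored outside the application (WORM storage, a signed periodic export, or a separate log service) so that an auditor can compare it against the live chain.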
