What your auditor will ask about your AI — and how you'll prove it
The same four questions keep coming up from auditors, customers, and regulators: what's in this AI system, how was it evaluated, what did it do at runtime, and who signed off? Run the free readiness self-check below — it stays in your browser, no sign-in — to see where you stand against the four NIST AI RMF functions and which signed evidence you're missing. Then download a real, DEMO-signed AI-Governance Evidence Pack and verify it yourself, so you can see exactly what a provable answer looks like.
- Do you have a written inventory of every model and dataset in this AI system?
- Is that inventory pinned to content hashes, so a swapped model or dataset is detectable?
- Is the inventory signed by a named declarant who is accountable for it?
- Have you run a documented evaluation (capability + safety) on this exact model?
- Are the eval results signed and bound to the specific model version they measured?
- Was the evaluation run against a named, registry-referenced suite rather than an ad-hoc one?
- Do you keep a tamper-evident log of this system's runtime decisions?
- Is that log cryptographically chained, so a deleted or edited entry is detectable?
- Does the log commit which model + inventory version actually ran?
- Is there a written policy defining the criteria this AI must meet before release?
- Is that policy signed by an accountable compliance owner and versioned?
- Is release gated on the policy re-deriving a pass over the signed MAP/MEASURE/MANAGE legs?
This is a real, cryptographically DEMO-signed AI-Governance Evidence Pack over a fictional model ("SAMPLE — TRELYAN DEMO, not a real client"). Download the four files, then re-derive the verdict offline with the open-source tools. Its ADMIT verdict is about the demo record only — it says nothing about your AI.
node pqgovern-cli.mjs evidence-pack.json config.jsonExit 0 = ADMIT. Now flip a single byte in evidence-pack.jsonand run it again — a signature breaks and it exits 1 = BLOCK. That is the whole point: the grade can't be altered without breaking the signature. The govern tools ship in the MIT repo github.com/brandonjsellam-Releone/verify-pqc (clone it — these modules aren't in the published npm tarball yet). See VERIFY.md for the pin-confirmation step. ML-DSA-87 ∧ Ed25519 via the @noble libraries (not independently audited); names denote the public standards the primitives are based on, not a CMVP/FIPS-140 validation.
You sign your governance legs; TRELYAN cryptographically verifies their signatures and packages them into a self-verifiable Evidence Pack bound to one model, with a Declaration-Assurance grade — the same shape as the demo above, over your own system. Self-attested; supports NIST AI RMF / EU AI Act preparation; not a certification.
Close the gaps — get a signed AI-Governance Evidence PackA self-verifiable AI-Governance Evidence Pack. It cryptographically proves WHO signed WHAT — your declarant, evaluator, runner, and compliance owner over ONE identified model — and that the packaged artifacts re-derive to a consistent verdict under your parties' public-key pins. It does NOT assert that the model is safe, accurate, unbiased, adequate, or compliant. TRELYAN cryptographically verifies the SIGNATURES on your own governance legs and packages them — TRELYAN does not sign them and does not validate the truth of the claims they contain. This is not a certification, not an audit opinion, not a conformity assessment, and not legal or regulatory advice. It supports NIST AI RMF and EU AI Act preparation only — consult your compliance officer.
Ready to turn your signed legs into one verifiable deliverable? The AI-Governance Evidence Pack packages your own AI Bill of Materials, evaluation, trace, and signed policy — bound to one model — into a pack anyone can re-derive offline. Also migrating cryptography? See the PQC-migration Evidence Pack.