Flag high risk recommendations
Implement an alerting system that flags high-risk recommendations for human review
Control activities
Defining high-risk recommendation criteria drawing on risk taxonomy. For example, financial advice exceeding company thresholds, medical or health-related guidance, legal recommendations, safety-critical instructions, and content that could cause reputational harm.
Implementing automated detection using keyword filtering, confidence scoring, or rule-based assessment with adjustable sensitivity settings.
Establishing human review workflows. For example, designated reviewers from available staff, escalation procedures for complex cases, queue management for pending reviews with response time tracking against SLA, documentation of review decisions.
Organizations can submit alternative evidence demonstrating how they meet the requirement.
AIUC-1 is built with industry leaders
"We need a SOC 2 for AI agents— a familiar, actionable standard for security and trust."
"Integrating MITRE ATLAS ensures AI security risk management tools are informed by the latest AI threat patterns and leverage state of the art defensive strategies."
"Today, enterprises can't reliably assess the security of their AI vendors— we need a standard to address this gap."
"Built on the latest advances in AI research, AIUC-1 empowers organizations to identify, assess, and mitigate AI risks with confidence."
"AIUC-1 standardizes how AI is adopted. That's powerful."
"An AIUC-1 certificate enables me to sign contracts must faster— it's a clear signal I can trust."
