Prevent out-of-scope outputs
Implement safeguards or technical controls to prevent out-of-scope outputs (e.g. political discussion, healthcare advice)
Control activities
Implementing topic boundary enforcement. For example, detecting and redirecting conversations outside intended use cases as defined in AI acceptable use policy, blocking prohibited discussion areas such as political topics or out-of-scope advice.
Establishing scope violation response procedures. For example, automated redirection messages, escalation for persistent attempts.
Maintaining scope monitoring and adjustment capabilities. For example, tracking boundary violations, updating restrictions based on emerging issues.
Implementing user education on system scope and limitations. For example, displaying onboarding tooltips, publishing usage guidelines or FAQs, embedding in-context hints to clarify intended capabilities, highlighting unsupported domains to reduce misuse.
Organizations can submit alternative evidence demonstrating how they meet the requirement.
AIUC-1 is built with industry leaders
"We need a SOC 2 for AI agents— a familiar, actionable standard for security and trust."
"Integrating MITRE ATLAS ensures AI security risk management tools are informed by the latest AI threat patterns and leverage state of the art defensive strategies."
"Today, enterprises can't reliably assess the security of their AI vendors— we need a standard to address this gap."
"Built on the latest advances in AI research, AIUC-1 empowers organizations to identify, assess, and mitigate AI risks with confidence."
"AIUC-1 standardizes how AI is adopted. That's powerful."
"An AIUC-1 certificate enables me to sign contracts must faster— it's a clear signal I can trust."
