Compliance

ShieldAgent maps to the three major AI governance frameworks: EU AI Act, ISO 42001, and NIST AI RMF. Evidence is collected automatically from the runtime audit trail.

EU AI Act

Deadline: 2 Aug 2026

The EU AI Act imposes documentation, risk management, and human oversight requirements on high-risk AI systems. ShieldAgent generates Annex IV technical documentation from your live proxy data. For Position E (Verdict API) deployments, Annex IV documentation includes the customer's enforcement mechanism and verdict enforcement rates — enforcement proof requires calling confirmExecution() in your application code.

Coverage

✓Annex IV §1General system description

✓Annex IV §2Design & development process

✓Annex IV §3Monitoring & human oversight

✓Annex IV §4Risk management system

✓Annex IV §5Data governance & audit trail

✓Annex IV §6Technical robustness & security

✓Annex IV §7Accuracy & performance metrics

✓Annex IV §8Cybersecurity measures

EU AI Act example →

ISO 42001

International Standard

ISO/IEC 42001:2023 is the first international AI management system standard. It requires organizations to establish controls, policies, and audit mechanisms for responsible AI use.

Coverage

✓Clause 4Context of the organization

✓Clause 5Leadership & AI policy

✓Clause 6Planning & risk assessment

○Clause 7Support & competence

✓Clause 8Operations & AI system controls

✓Clause 9Performance evaluation & audit

✓Clause 10Improvement & incident management

Risk scoring example →

NIST AI RMF

US Standard

The NIST AI Risk Management Framework provides a voluntary structure for managing AI-related risks. It organizes controls across four core functions: Govern, Map, Measure, Manage.

Coverage

✓GOVERNPolicies, accountability, culture

✓MAPContext & risk identification

✓MEASUREMetrics, testing, monitoring

✓MANAGEPrioritize, respond, recover

Risk scoring example →

Compliance by Deployment Position

Compliance evidence strength depends on where ShieldAgent sits in your architecture. Infrastructure-enforced positions provide automatic, tamper-evident enforcement records. Position E (Verdict API) places enforcement responsibility with the customer.

Position E — EU AI Act Art. 9 requirement

Under EU AI Act Article 9, high-risk AI system deployers must adopt appropriate risk management measures. When using the Verdict API (Position E), enforcement is performed by the customer's own code — not by ShieldAgent infrastructure. To satisfy Art. 9 obligations, organizations must:

Document the enforcement mechanism in their risk management system.
Call confirmExecution(auditEventId, { executed: boolean }) after each verdict to provide closed-loop enforcement evidence in the audit trail.
Maintain a verdict enforcement rate above their documented threshold (visible in compliance dashboards). Customers who do not call confirmExecution() appear as enforcement unknown in Annex IV reports.

Using Position E without enforcing verdicts may compromise your compliance posture for high-risk AI systems. If your architecture requires infrastructure-guaranteed blocking but you own your server, consider Position B (sidecar of your server) instead.

Positions A / B / C — Infrastructure-enforced

Inline proxy, sidecar, or post-gateway

ShieldAgent enforces allow/deny decisions inline. Every policy decision is logged automatically and is tamper-evident. Compliance evidence is infrastructure-level — not dependent on application code. Enforcement guarantees are unconditional.

Position D — Observer (Audit-Only)No blocking

Out-of-band mirroring, no blocking

Traffic flows directly from agent to upstream. ShieldAgent receives an asynchronous copy for audit and detection. Provides full audit evidence, risk scoring, and anomaly detection — but cannot block threats before execution. For EU AI Act high-risk AI systems, Observer mode does NOT satisfy the blocking requirements under Art. 9 risk mitigation obligations. Use as an evaluation or brownfield transition step only.

Position E — Verdict API

Customer-side enforcement via SDK

ShieldAgent issues a security verdict; the customer's code decides whether to execute or reject the request. Calling confirmExecution() records enforcement proof in the audit trail. Compliance requires the customer's own enforcement controls. Annex IV documentation includes the customer's enforcement mechanism and verdict enforcement rates.

Automatic Evidence Collection

ShieldAgent collects compliance evidence continuously as your agents operate. The audit trail is immutable and Merkle-verified — every record is tamper-evident.

Risk scoring Per-agent risk scores updated every request — maps to §4 risk management and NIST MAP

Policy decisions Every allow/deny/shadow decision logged with timestamps — maps to §3 oversight and NIST MANAGE

Audit trail Immutable event log with Merkle integrity proofs — maps to §5 data governance and ISO 42001 Clause 9

Anomaly detection Statistical behavioral analysis — maps to §6 robustness and NIST MEASURE

Human review queue Tool calls flagged for human approval — maps to §3 human oversight mandate

Incident log Security events and resolution timeline — maps to ISO 42001 Clause 10 and NIST MANAGE

Audit Retention Requirements

Framework	Minimum Retention	Config
EU AI Act Annex IV	10 years	AUDIT_RETENTION_DAYS=3650
ISO 42001	3 years (recommended)	AUDIT_RETENTION_DAYS=1095
NIST AI RMF	Organization-defined	AUDIT_RETENTION_DAYS=<your value>
SOC 2	1 year minimum	AUDIT_RETENTION_DAYS=365

SOC 2 & Position E: Position E (Verdict API) deployments satisfy SOC 2 CC6/CC7 controls when combined with the customer's own enforcement controls. The audit trail records every verdict issued and every confirmExecution() call — this combined log constitutes the evidence of logical access control and system operations monitoring required by the trust service criteria.