docs(examples): align ai-register manifest with EU AI Act, NIST RMF, ISO 42001#1184
Merged
docs(examples): align ai-register manifest with EU AI Act, NIST RMF, ISO 42001#1184
Conversation
…ISO 42001 Add missing fields required by the governance frameworks the manifest cites: - version, contact, created_at (lifecycle tracking; EU AI Act Annex IV Art. 11) - intended_use (distinct from description; EU AI Act Annex IV §1(a), NIST RMF GOVERN-1.1) - limitations (NIST RMF MEASURE-1.1, EU AI Act Annex IV §2) - human_oversight (required for risk_tier: high; EU AI Act Art. 14, NIST RMF GOVERN-4) - EU-AI-ACT-2024:Art.14 to controls list Remove YAGNI fields with no documented consumer: - evals.runs_in_ci (creates a second source of truth vs CI config; nothing reads it) - deployment (no governance framework uses it; implied by the service repo context) Add field reference table to README documenting which standard requires each field. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Deploying agentv with
|
| Latest commit: |
057025e
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://04f3cfaf.agentv.pages.dev |
| Branch Preview URL: | https://docs-ai-register-governance.agentv.pages.dev |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Closes gaps identified in a governance review of the
.ai-register.yamlexample against EU AI Act Annex IV, NIST AI RMF, ISO 42001, and CycloneDX-ML conventions.Added fields:
version— required by EU AI Act Annex IV Art. 11, ISO 42001 A.9, CycloneDX-MLcontact— compliance/incident contact; EU AI Act Art. 8, NIST RMF GOVERN-2created_at— lifecycle tracking alongsidelast_reviewed; ISO 42001 A.9intended_use— authorised use contexts, distinct from generaldescription; EU AI Act Annex IV §1(a), NIST RMF GOVERN-1.1limitations— known failure modes and out-of-scope uses; NIST RMF MEASURE-1.1, EU AI Act Annex IV §2human_oversight— override authority and escalation triggers forrisk_tier: high; EU AI Act Art. 14, NIST RMF GOVERN-4EU-AI-ACT-2024:Art.14added tocontrolslist (now documented)Removed YAGNI fields:
evals.runs_in_ci— no documented consumer; creates a second source of truth vs. CI YAML configdeployment— no governance framework uses it; implied by the service repo's deployment pipelineREADME: Added a field reference table mapping each field to the standard that requires it.
Test plan