Open Infrastructure for Verifiable AI Evidence

AI evidence.
Structured.
Verifiable.

Reproducible.

CNAUS is an open infrastructure for structuring and verifying AI governance evidence — registry, proof feed, validator, and conformance logic. Built as an open-core standard.

Evidence services for governance, vendor risk, and audit readiness are built on top of the core infrastructure.

CNAUS Core Status ● Operational
registry-corePUBLIC
conformance-packPUBLIC
validatorAVAILABLE
proof-feedVALID
adoption-packv0.1.2
operator layerPrivate MVP
registry-core PUBLIC
conformance-pack PUBLIC
validator AVAILABLE
proof-feed VALID
adoption-pack v0.1.2
operator layer private MVP
Open Conformance Core
Machine-Readable Evidence
Reproducible Verification
PASS/FAIL Conformance Logic
Hash-Chain Proof Feed
Evidence Sprint · 7–14 Days
Written-First Delivery
RFC0001–RFC0003
Open Conformance Core
Machine-Readable Evidence
Reproducible Verification
PASS/FAIL Conformance Logic
Hash-Chain Proof Feed
Evidence Sprint · 7–14 Days
Written-First Delivery
RFC0001–RFC0003
Infrastructure

Open infrastructure for verifiable evidence.

CNAUS defines how AI governance evidence can be structured, versioned, validated, and verified. The core is public — so the logic can be inspected and independently reviewed by anyone.

Evidence services — sprints, vendor packs, registers — are built on top of this infrastructure.

View registry-core ↗
Public
Registry Core
Base structure for machine-readable evidence records. RFC0001–RFC0003.
Public
Proof Feed
Hash-based integrity trail for evidence events. Append-only.
Available
Validator
Reference logic for PASS/FAIL conformance output.
Private MVP
Operator / API Layer
Hosted registry, API access, and operator services. In private development.
Evidence Services

Structured evidence, built on the core.

When an auditor asks for AI governance evidence — where is the proof that a tool was approved, reviewed, and documented? These services structure and verify that evidence, producing reproducible output that any third party can independently check.

Service 01

AI Tool Register Quickstart

For teams that use AI tools but have no structured register.

  • AI tool inventory with owners
  • Purpose and data categories per tool
  • Basic risk view and approval status
  • Action list
  • Management summary
Request Quickstart →
Service 02

AI Governance Evidence Sprint

For teams that need structured, verifiable AI governance documentation.

  • AI tool register
  • Evidence checklist
  • Risk/control mapping
  • CNAUS evidence record
  • Conformance-style report
  • Hash manifest + verification steps
  • Management summary
Request Evidence Sprint →
Service 03

Vendor AI Risk Evidence Pack

For companies reviewing AI vendors, or AI providers responding to customer due diligence.

  • Vendor questionnaire
  • Evidence requirements
  • Risk findings and decision memo
  • Structured evidence bundle
  • CNAUS-compatible evidence record
Request Vendor Pack →
Service 04

Evidence Maintenance

For teams that need their AI evidence package kept current as tools and requirements change.

  • Monthly or quarterly evidence update
  • New AI tool entries added
  • Updated risk and control notes
  • Repeated validation and re-verification
Request Maintenance →
Example Output

Every delivery produces concrete artifacts.

A structured Evidence Bundle — named, hashed, and verifiable files. Below is a fictional demonstration bundle.

Example Evidence Bundle Fictional demonstration
ExampleCo_CNAUS_EvidenceBundle_v1/ ● Conformance: PASS WITH FINDINGS
📁 ExampleCo_CNAUS_EvidenceBundle_v1/
├──01_management-summary.mdMD
├──02_ai-tool-register.csvCSV
├──03_risk-control-mapping.mdMD
├──04_evidence-checklist.mdMD
├──05_cnaus-record.jsonJSON
├──06_conformance-report.mdMD
├──07_sha256-manifest.txtTXT
├──08_verification-steps.mdMD
└──09_remediation-plan.mdMD
Use Cases

Who uses CNAUS infrastructure and services.

Companies Using AI

Produce verifiable evidence for audits, enterprise procurement, and regulatory review — without manual reconstruction every time an auditor asks.

AI Vendors & Providers

Respond to customer due diligence with structured evidence bundles. Make compliance claims independently verifiable instead of static PDFs.

Consultants & GRC Teams

Use CNAUS as a repeatable delivery format for AI governance evidence across client engagements.

Developers & Integrators

Build on the open registry core and conformance logic. RFC0001–RFC0003 define the evidence structure. Operator layer in private development.

Note: CNAUS supports structured evidence for governance review and audit-readiness workflows. CNAUS does not provide legal certification and does not replace legal advice, ISO certification, or regulatory assessment.

Contact

Request a service or ask about the infrastructure.

Send a short note with your organisation type, which AI tools or vendors are in scope, and what you need — a tool register, vendor review, evidence sprint, or a question about the core.

We respond in writing.

Get in Touch
Submitting opens your email client. No data stored on this page.