- Core + Sector Module architecture. Pillar 4 replaced with sector-specific modules (8 criteria each): Credit, Education, Employment, Healthcare, Housing, Insurance, Lending, AI Infrastructure. Each module anchored to sector regulation.
- Weighted pillars: P1=20%, P2=20%, P3=25%, P4(Module)=25%, P5=10%. Replaces equal 20% weighting.
- Five-tier scoring: 0/25/50/75/100 per criterion replaces three-tier (0/partial/full).
- Cross-sector SB 26-189 preview criteria (P4-10, P4-11, P4-12) apply to all sectors as PREVIEW — scored but not yet counting toward the overall score until January 2027.
- Existing v2 ratings remain valid. Companies will be re-scored under v3.1 on their next assessment cycle.
Five pillars. Sector modules.
One published rubric.
Every criterion, every evidence threshold, every framework anchor is public. Nothing is proprietary. Given the same evidence and the same rubric version, any analyst applying this rubric will reach the same score.
What’s new in v3.1
- Core + Sector Module architecture.A shared Core (Pillars 1, 2, 3, 5) scores every company at 75%. One swappable Sector Module (the Pillar 4 slot) provides the remaining 25%, with criteria anchored to each sector’s actual regulatory framework.
- Eight sector modules: Credit (FCRA, ECOA), Education (FERPA), Employment (LL144, EEOC), Healthcare (ONC HTI-1, FDA SaMD), Housing (Fair Housing Act), Insurance (NAIC, CO SB21-169), Lending (ECOA/Reg B, CFPB), and AI Infrastructure (developer documentation duties).
- Weighted pillars. P1=20%, P2=20%, P3=25%, P4(Module)=25%, P5=10%. This replaces the previous equal-weight (20% each) model, giving more weight to risk management and sector-specific decision transparency.
- Five-tier scoring. Each criterion is now scored at 0, 25, 50, 75, or 100 — replacing the previous three-tier (none/partial/full) model for greater precision.
Rubric changelog
AI Clear publishes one rubric. When the published rubric changes, we list every change here, with effective dates. Existing ratings remain valid under the rubric version that issued them.
- +8 new criteria aligned to Colorado SB 26-189: P1-11 Developer Technical Documentation for Deployers, P1-12 Material Update Notification Process, P2-11 Personal Data Correction for ADMT Decisions, P3-11 Meaningful Human Review with Reviewer Authority, P3-12 Three-Year Record Retention with Version Control, P4-10 Pre-Decision Point-of-Interaction Notice, P4-11 30-Day Post-Adverse Outcome Plain Language Disclosure, P4-12 Disclosure Accessibility for Disabilities and LEP.
- Statute reference updated. All cross-references to the repealed Colorado AI Act (SB 24-205) now point to Colorado SB 26-189 with the correct §6-1-17xx section numbers.
- Framework anchor set expanded. Added ISO/IEC 23894:2023, ISO/IEC 38507:2022, NIST AI 600-1, and (for P5) NIST SP 800-218A.
- P5 rebalanced to 100 points.v1.0’s P5 summed to 92, normalized to 100 in aggregation. v2.0 P5 criteria sum to a clean 100 with no normalization. Legacy v1 pillar_scores rows still load correctly.
- Per-criterion framework maps. Each criterion now ships its own framework citation list (clauses, articles, sections), threaded into the scoring prompt for tighter analyst-to-LLM alignment.
- Letter grade scale. A+ at 95-100 down through F below 20, with plus/flat/minus bands at every level.
Initial published rubric. Five pillars, 49 criteria, three evidence thresholds, anchored to NIST AI RMF, ISO/IEC 42001, the EU AI Act, Colorado’s AI Act (SB 24-205), and the GDPR.
Scoring thresholds
Each of the 48 criteria is scored on a five-tier scale, with each tier worth a fixed share of the criterion’s points. The tiers are categorical — an analyst selects the highest tier whose threshold the public evidence fully meets, with no interpolation between tiers. This produces inter-analyst consistency and prevents implicit weighting through threshold ambiguity.
Key rules
Four non-negotiable principles that guarantee every score is independent, verifiable, and reproducible.
If a member of the public cannot find it, the company does not get the points. The score is built entirely from public-facing evidence.
Each criterion is scored None (0), Partial (50% of points), or Full (100% of points). The thresholds are defined verbatim in the rubric. No subjective middle ground.
Every awarded point is backed by a verifying URL. Every published scorecard ships with a complete bibliography of the sources reviewed.
The same 48 criteria apply to every company, every industry, every size. Given the same evidence and the same rubric version, any analyst will reach the same score.
Grade scale
Scores map to letter grades on a published 11-grade scale. Only A and B grades (any plus, flat, or minus) are eligible for AI Clear certification.
How scoring works
Four steps from public crawl to published score. Every awarded point cites a verifying URL.
Public footprint review
Every public page bearing on AI: privacy policies, trust centers, sub-processor lists, developer docs, regulatory filings, press releases.
57-criterion audit
Each criterion scores None (0), Partial (50%), or Full (100%). Every awarded point cites a verifying source URL.
Pillar aggregation
Criterion scores roll up to a 0–100 sub-score per pillar. The five pillars combine with weights of 20% (P1), 20% (P2), 25% (P3), 25% (P4), and 10% (P5) into the overall AI Clear Score.
Analyst review & publication
A human analyst verifies every pillar score before publication. The scorecard ships with a full bibliography, so any score can be traced to its evidence.
Framework anchors
Every criterion in the rubric maps to specific clauses or articles in these recognized frameworks.
What we do NOT measure
AI Clear measures transparency, not capability. We do not certify that a rated company’s AI systems are safe, accurate, unbiased, or lawful in operation. Those questions require invasive testing, internal access, and specialized auditors that no public outside-in rating can responsibly claim.
AI Clear measures the quality, specificity, and completeness of what a company publicly and verifiably discloses about its AI practices. A company can have excellent internal AI governance and still score low if it does not publicly disclose it. The burden of clarity is on the rated company.
The five pillars collectively address the surface area of AI transparency that matters for procurement diligence, regulatory enforcement readiness, and investor risk assessment — not capability assurance.
AI Disclosure and Inventory
Does the company tell the public when, where, and how it uses AI, which third-party AI providers power those features, and — for developers — does it ship the technical documentation downstream deployers need to comply?
P1-01Dedicated AI or Trust Policy Page10 pts
NIST AI RMF GOVERN-1.1. ISO/IEC 42001:2023 Clause 4.1, Annex A.2.2. ISO/IEC 38507:2022 Clause 5. Colorado SB 26-189 §6-1-1704(2).
No public AI page or statement.
AI mentioned in passing (e.g., one privacy-policy line).
A public page names the company's AI principles or a named Responsible AI framework.
The above plus one operational element (named governance body, stated NIST/ISO/NAIC alignment, or a described review process).
Dedicated AI policy page with named principles, a named governance owner, stated framework alignment, and described lifecycle operationalization.
P1-02AI System Inventory Specificity12 pts
NIST AI RMF MAP-1.1. ISO/IEC 42001:2023 Clause 6.1.2, Annex A.2.4. Colorado SB 26-189 §6-1-1701(2), §6-1-1702(1)(a). EU AI Act Article 13(2).
No inventory or list.
Vague reference to using AI.
Names at least one category of AI use (e.g., underwriting, fraud).
Lists specific systems or use cases with their function.
Lists systems, maps them to products/decisions, tags consequential decisions, and distinguishes automated from non-automated processing.
P1-03Third-Party AI Provider Attribution8 pts
NIST AI RMF MAP-1.5. ISO/IEC 42001:2023 Clause 4.3, Annex A.10. Colorado SB 26-189 §6-1-1701(8), §6-1-1702. EU AI Act Article 50.
No disclosure of third-party AI providers.
Acknowledges reliance on external AI in general terms only (e.g., 'we partner with leading AI providers'); no names.
Names providers in one location (e.g., a sub-processor list) without mapping them to features.
Names specific providers and maps most to the products/features that rely on them.
Names specific AI providers and maps each to the products/features that rely on it; any AI-driven feature is traceable to its provider.
P1-04Terms of Service AI Coverage6 pts
NIST AI RMF GOVERN-1.2. EU AI Act Article 13. Colorado SB 26-189 §6-1-1701(2), §6-1-1702.
ToS contains no reference to AI, ML, or automated systems.
A single generic AI disclaimer (e.g., 'outputs may be inaccurate') with no further detail.
References automated tools and addresses at least one of: affected features, user rights, accuracy limitations, or training-data use.
Addresses AI features specifically and covers most of: what is automated, user rights, accuracy limitations, training-data use.
Addresses AI specifically — what is automated, user rights (correction/opt-out/appeal), explicit accuracy limitations, and data usage in AI contexts including training.
P1-05Product-Level AI Feature Labeling8 pts
EU AI Act Article 50. NIST AI RMF GOVERN-1.7. ISO/IEC 42001:2023 Annex A.6.2.6. Colorado SB 26-189 §6-1-1704(1) (separately scored under P4-10).
Consumer-facing: no labeling. / B2B / agent-mediated: no disclosure.
A buried one-line AI mention (token disclosure) somewhere on the site, not at any point of output or agent interaction.
Consumer-facing: AI involvement disclosed somewhere. / B2B / agent-mediated: AI disclosed in product docs.
—
Consumer-facing: clear labeling at the point of output. / B2B / agent-mediated: AI disclosed at point of agent interaction or in customer-facing product materials.
P1-06AI Feature Documentation8 pts
NIST AI RMF MAP-1.1. ISO/IEC 42001:2023 Clause 6.1.2, Annex A.6.2.6. EU AI Act Article 13.
No documentation for AI features beyond marketing copy.
A single help-center mention or one-line description of an AI feature.
Some AI features have help-center articles but coverage is incomplete or lacks operational detail (data used, output, controls).
Most material AI features documented with operational detail (purpose, data used, output, limitations).
Each material AI feature documented — purpose, data used, output, known limitations/failure modes, and how to disable/override/report — reachable from the product or help center.
P1-07Internal AI Use Disclosure6 pts
NIST AI RMF GOVERN-1.4. ISO/IEC 42001:2023 Annex A.3. Colorado SB 26-189 §6-1-1706(1)(b), §6-1-1704. EU AI Act Article 26(7).
No disclosure of internal AI use.
A passing acknowledgment that AI is used internally, no specifics.
References internal AI use in general terms, or discloses only some applications.
Identifies specific internal AI applications and the operations they affect.
Identifies specific internal applications, operations affected, whether they materially influence consequential decisions (esp. hiring/performance), and the human oversight that applies.
P1-08Regulatory and Investor AI Disclosure8 pts
NIST AI RMF GOVERN-1.1. ISO/IEC 42001:2023 Clause 4.1, Annex A.3. SEC Reg S-K Item 105 (where applicable). Colorado SB 26-189 §6-1-1702.
No AI-related disclosure in any regulatory filing or investor material.
A single generic AI mention in filings (e.g., 'AI is an emerging risk') with no detail.
AI referenced in risk factors or MD&A in generic terms without specific dependencies, governance, or controls.
Filings identify specific material AI dependencies or governance arrangements with some operational detail.
Filings contain specific AI governance statements, name material AI dependencies (providers/systems), and describe AI risk factors with operational detail including mitigation.
P1-09AI Supply Chain Transparency8 pts
NIST AI RMF MAP-1.5, MAP-3.4. ISO/IEC 42001:2023 Annex A.10. Colorado SB 26-189 §6-1-1702(1)(b)-(c). EU AI Act Article 13(1)(b), Article 25.
No mapping between AI providers, models, and product features.
AI providers listed (e.g., on a sub-processor list) with no indication of which features they support.
Providers and some feature relationships disclosed but incomplete or scattered across documents.
Most AI features mapped to their providers and model families, in a mostly consolidated form.
A consolidated published mapping of which providers and models power which features; any feature is traceable to provider and model family.
P1-10Disclosure Currency6 pts
NIST AI RMF GOVERN-1.5. ISO/IEC 42001:2023 Clause 7.5. Colorado SB 26-189 §6-1-1702(2), §6-1-1702(4).
AI disclosures are undated, older than 18 months, or inconsistent across locations.
A single 'last updated' date exists but most disclosures are undated or stale.
Some disclosures are dated and current while others are undated or stale; no version control across the suite.
Most material AI disclosures dated/versioned within ~12 months, with some change tracking.
All material AI disclosures dated/versioned within 12 months; changes tracked via changelogs or version history; prior versions preserved or summarized.
Data and Model Governance
How transparent is the company about the data and models flowing through its AI systems, including sourcing, retention, sharing, provenance, and consumer rights to correct personal data used in automated decisions?
P2-01AI-Specific Privacy Policy Language10 pts
NIST AI RMF MAP-2.3. ISO/IEC 42001:2023 Annex A.7.4. GDPR Articles 13, 14. Colorado SB 26-189 §6-1-1702(1)(b), §6-1-1705(1)(a)(I). CCPA §1798.100.
Privacy policy contains no reference to AI/automated processing.
A single passing mention of automated tools/AI in the privacy policy.
Mentions AI/automated processing in general terms without identifying systems, data types, or purposes.
Describes AI data processing with most of: data processed, purposes, systems involved.
Dedicated AI section identifying data processed by AI, purposes, systems involved, and user rights re AI processing (incl. correction of personal data used in ADMT decisions per §6-1-1705).
P2-02Data Processing Agreement AI Coverage8 pts
ISO/IEC 42001:2023 Annex A.7.2, A.10. GDPR Article 28. NIST AI RMF MAP-2. Colorado SB 26-189 §6-1-1702(1).
DPA contains no reference to AI processing or model training.
DPA mentions AI/automated processing in passing only.
References AI processing in general terms but lacks specifics on training use, inference flow, retention, or commitments.
Addresses most of: whether customer data trains models, inference data flow, AI retention/deletion, contractual commitments.
Specifies whether customer data trains models (with opt-out/default-off), inference data flow, AI-specific retention/deletion timelines, and contractual commitments on use/retention/sharing in AI cont
P2-03AI Sub-Processor Disclosure10 pts
GDPR Article 28(2). ISO/IEC 42001:2023 Annex A.10. NIST AI RMF MAP-3.4. Colorado SB 26-189 §6-1-1702(1).
No sub-processor list, or no AI-related entries despite known AI integrations.
A sub-processor list exists but AI providers are not distinguished as such.
Includes some AI providers but coverage is incomplete or omits processing role/data categories.
Identifies AI sub-processors and most of: processing activity, data categories, geography.
Published list explicitly identifies AI sub-processors, their AI processing activities, data categories handled, processing geography, and contractual basis.
P2-04Data Retention for AI Systems8 pts
NIST AI RMF MAP-2.3. ISO/IEC 42001:2023 Annex A.7.3. GDPR Article 5(1)(e). EU AI Act Article 10(2)(f). Colorado SB 26-189 §6-1-1702(4), §6-1-1703.
No AI-specific data retention disclosure.
A general retention statement exists but does not address AI data at all.
General retention periods disclosed but no distinction for AI-processed data, or AI retention mentioned without specific periods.
AI-specific retention periods disclosed for most data categories (inputs, outputs, logs) with some deletion detail.
AI-specific retention for inputs, inference outputs, logs, and (where applicable) training data, with documented deletion procedures and deletion-on-request timelines, separated by category and purpos
P2-05Training Data Opt-Out10 pts
NIST AI RMF GOVERN-1.7. ISO/IEC 42001:2023 Annex A.7.4. EU AI Act Article 10. CCPA opt-out rights. GDPR Articles 6, 21.
Trains on personal data, no control disclosed.
Acknowledges data use, no control.
States controls exist.
Describes the control.
Documents a specific opt-out/consent mechanism with instructions.
P2-06Model Provenance Documentation10 pts
NIST AI RMF MAP-2.1, MEASURE-2.7. ISO/IEC 42001:2023 Annex A.7.2. EU AI Act Article 11. Colorado SB 26-189 §6-1-1704(3)(b).
No information about model origin, type, version, or provenance.
Vague claim like 'powered by advanced AI' with no provenance detail.
References using AI models and discloses limited provenance (e.g., proprietary vs third-party) without naming or versions.
Discloses model provenance and names specific models/families for most material systems.
Discloses whether models are proprietary/open-source/third-party, names specific models/families where applicable, and gives version/update info sufficient to support §6-1-1704(3)(b) deployer disclosu
P2-07Data Sourcing Transparency10 pts
EU AI Act Article 10(2). NIST AI RMF MAP-2.3. ISO/IEC 42001:2023 Annex A.7.4. Colorado SB 26-189 §6-1-1702(1)(b).
No disclosure of data categories or sources used in AI.
A passing reference to 'using data' in AI with no categories.
General categories of AI data disclosed (e.g., 'usage data, customer data') without sourcing, scope, or flow.
Specific data categories per system and their origin (user-provided, observed, inferred, third-party) disclosed for most systems.
Specific data categories per AI system, their origin, and how data flows into AI processing, sufficient to support §6-1-1704(3)(b) downstream consumer disclosure.
P2-08AI Data Sharing Policies6 pts
NIST AI RMF GOVERN-1.6. ISO/IEC 42001:2023 Annex A.10. GDPR Article 13(1)(e). CCPA §1798.115.
No disclosure of whether AI-processed data is shared with third parties.
A generic statement that data may be shared, with no AI specificity.
General data-sharing disclosures exist but do not specifically address data shared via AI systems or with AI providers.
Discloses most of: what data is shared with AI providers, purposes, contractual protections.
Specifically discloses what data is shared with AI providers, purposes, contractual protections, and whether providers may retain/reuse it (incl. for training).
P2-09Model Cards or System Documentation10 pts
NIST AI RMF MAP-1.1, MAP-1.6. ISO/IEC 42001:2023 Annex A.6.2.6, A.7.2. EU AI Act Article 11. Colorado SB 26-189 §6-1-1702(1).
No model cards, system cards, or structured AI documentation.
A single informal description of an AI system, unstructured.
Some documentation exists but does not follow a structured format, or structured docs cover only some systems.
Structured model/system cards for most material systems covering intended use, limitations, and known risks.
Structured model/system cards for material systems covering intended use, limitations, performance, known biases/risks, and evaluation results, aligned with recognized formats.
P2-10Data Quality and Representativeness8 pts
EU AI Act Article 10(2)-(5). NIST AI RMF MEASURE-2.6. ISO/IEC 42001:2023 Annex A.7.4. ISO/IEC 23894:2023 Clause 6.4.
No mention of fairness/bias testing.
Vague claim of being 'fair' or 'unbiased'.
States fairness/bias testing is performed.
Describes the approach (metrics, who performs it, cadence).
Describes methodology, segments evaluated, and summary findings or governance of results. (Most firms will land 50-75; that is intended.)
Risk Management and Human Oversight
What is the company's published risk-management program for AI, what does it say about meaningful human review, and how long does it retain the records that prove its decisions are auditable?
P3-01Published AI Risk Management Framework12 pts
NIST AI RMF MANAGE-1, GOVERN-3. ISO/IEC 42001:2023 Clause 8.1, Annex A.6.1. ISO/IEC 23894:2023. NAIC Model Bulletin on the Use of AI Systems by Insure
No public AI risk framework/program.
Says it 'takes AI risk seriously' with no structure.
References a named AI risk framework or program.
Describes components (risk tiering, review gates, roles). For insurers, a published NAIC-style AIS Program statement counts here.
Publishes a framework with components, named owner, and lifecycle coverage.
P3-02NIST AI RMF / ISO 42001 / NAIC Alignment8 pts
NIST AI RMF (all functions). ISO/IEC 42001:2023 Clause 4.4. ISO/IEC 23894:2023. ISO/IEC 38507:2022. NAIC Model Bulletin (Dec 2023). Colorado SB 26-189
No stated alignment to a recognized framework.
Name-drops a framework (a logo or one-liner) without actually stating alignment.
States alignment to a recognized AI governance framework — NIST AI RMF, ISO/IEC 42001, or the NAIC Model Bulletin — OR to a substantively equivalent published framework whose functions/controls clearly map to these (e.g. a govern/map/measure/manage risk program), even if the recognized framework is not named.
—
States alignment AND maps specific practices to specific framework functions/controls.
P3-03AI Incident Response Policy10 pts
NIST AI RMF MANAGE-2. ISO/IEC 42001:2023 Clause 8.2, Annex A.6.2.7. ISO/IEC 23894:2023 Clause 6.5. EU AI Act Article 9(9), Article 73.
No incident response policy addresses AI (or none exists).
AI incidents acknowledged in passing with no procedure.
A general IR policy exists but does not address AI-specific incidents, or AI IR is referenced without roles/timelines/escalation.
An IR policy addresses AI-specific incidents with most of: roles, escalation timelines, AI-incident categories.
IR policy addresses AI-specific incidents, defines roles, includes escalation timelines, distinguishes AI incidents (model failure, harmful output, drift, data issues) from security incidents, and ref
P3-04Human Oversight Procedures8 pts
EU AI Act Article 14. NIST AI RMF MANAGE-1.3, GOVERN-3.2. Colorado SB 26-189 §6-1-1702(1)(d), §6-1-1701(15) (separately scored under P3-11). ISO/IEC 4
No published procedures for human oversight of AI-driven decisions.
A general statement that humans are 'in the loop' with no procedure.
General human-oversight statements without specific procedures, triggers, or decision boundaries.
Published procedures defining most of: when review is triggered, who performs it, decision authority, override documentation.
Published procedures defining review triggers, who performs review, decision authority retained, and how override is documented, specific to identified AI use cases.
P3-05Escalation Procedures8 pts
NIST AI RMF MANAGE-3. ISO/IEC 42001:2023 Clause 8.3, Annex A.9.2. EU AI Act Article 9(4). Colorado SB 26-189 §6-1-1704(3)(b).
No escalation path for AI-related concerns.
Only a generic support contact exists, with no AI framing.
General contact channels exist but no AI-specific escalation path or process is documented.
A documented AI escalation path exists with most of: intake channels, response expectations, routing.
Documented AI escalation path with defined intake channels, response expectations, and routing to internal teams, including how to invoke consumer rights under §6-1-1705.
P3-06Audit and Assessment Cadence8 pts
NIST AI RMF MANAGE-4. ISO/IEC 42001:2023 Clause 9.2, Annex A.6.2.5. ISO/IEC 23894:2023 Clause 6.6. NAIC Model Bulletin (Dec 2023). EU AI Act Article 9
No disclosure of AI audit/assessment/review cadence.
A passing claim that AI is 'reviewed' with no cadence or scope.
References conducting AI assessments/reviews without disclosing cadence, scope, or internal/external nature.
Discloses most of: defined cadence, scope (systems/risks), internal vs external.
Defined cadence (annual/quarterly/continuous), identified scope, internal/external indicated, and standards OR an equivalent described testing methodology referenced (e.g. NIST AI RMF, ISO/IEC 42001, NAIC Model Bulletin testing expectations, or a comparable third-party audit standard).
P3-07AI Risk Roles and Responsibilities6 pts
NIST AI RMF GOVERN-1.2, GOVERN-2. ISO/IEC 42001:2023 Clause 5.3, Annex A.3. ISO/IEC 38507:2022 Clause 6. NAIC Model Bulletin (Dec 2023). EU AI Act Art
No public identification of AI governance/risk roles.
A generic statement that 'our teams ensure responsible AI' with no named role.
General governance language without identifying specific roles, teams, or reporting lines.
Identifies specific roles/teams/bodies (e.g., Responsible AI team, Chief AI Officer) with some reporting/accountability detail. A named AIS Program owner (NAIC) counts here.
Identifies specific roles/teams/governance bodies with reporting structure and accountability, incl. board-level oversight where applicable.
P3-08Responsible AI or Ethics Policy6 pts
NIST AI RMF GOVERN-1.3. ISO/IEC 42001:2023 Clause 5.2, Annex A.2.2. EU AI Act Recitals 6-7.
No published responsible AI policy, ethics statement, or principles.
An AI principles/ethics page exists but is aspirational only (e.g., 'we believe in responsible AI') with no operational commitments.
A responsible AI policy with at least one specific operational commitment (e.g., a stated fairness-testing or bias-monitoring practice).
A policy with several operational commitments described (fairness testing, bias monitoring, red-teaming, or eval criteria).
A responsible AI policy/principles document with specific operational commitments evaluable against actual practice.
P3-09AI Monitoring and Performance Review6 pts
NIST AI RMF MEASURE-2.5, MEASURE-3.2. ISO/IEC 42001:2023 Clause 9.1, Annex A.6.2.4. EU AI Act Article 9(7), Article 72.
No disclosure of AI performance monitoring.
A passing claim that systems are 'monitored' with no detail.
References monitoring AI systems without describing what is monitored, frequency, or thresholds.
Describes most of: metrics tracked, monitoring frequency, intervention thresholds.
Describes metrics tracked, frequency, thresholds/triggers for review, and how feedback is incorporated into updates, incl. post-market monitoring where applicable.
P3-10Public AI Risk Reporting6 pts
NIST AI RMF MANAGE-4.2. ISO/IEC 42001:2023 Clause 9.3, Annex A.6.2.8. EU AI Act Article 9(8). Colorado SB 26-189 §6-1-1706(3)(e).
No public reporting on AI risks, incidents, or governance outcomes.
A single passing reference to AI in a broader report.
Some public reporting exists but does not specifically cover AI risks/incidents, or covers them minimally.
AI-specific reporting on most of: governance outcomes, incident summaries, risk trends.
Reporting specifically addressing AI governance outcomes, incident summaries, risk trends, or impact assessments, on a defined periodic or event-driven basis.
Sector Decision Transparency
How transparent and contestable are the AI-driven decisions the company makes about individuals — pre-decision notice, post-adverse outcome disclosure, explanations, appeals, opt-outs, and accessibility for everyone affected?
Click a sector to see its 8 criteria and scoring thresholds.
AI Security and Assurance
What externally verifiable proof exists that AI models, training data, and inference pipelines are protected against both ordinary security threats and AI-specific adversarial attacks?
P5-01Recognized Security Certifications12 pts
ISO/IEC 42001:2023 Annex A.8.1. NIST AI RMF MEASURE-2.7. ISO/IEC 27001.
No recognized security certifications disclosed or verifiable.
Claims to be 'secure' / 'enterprise-grade' with no named certification.
Holds general security certifications (SOC 2 Type II, ISO/IEC 27001) but does not confirm AI infrastructure is in scope.
Holds recognized certifications and indicates AI infrastructure is within scope; verification partial.
Recognized certifications held with confirmed AI-infrastructure scope, current and verifiable via registries/attestation/audit summaries.
P5-02AI-Specific Security Certifications10 pts
ISO/IEC 42001:2023 Annex A.8 and entire standard. NIST AI RMF MEASURE-2.7. ISO/IEC 23894:2023.
No security program relevant to AI disclosed.
Generic security statement.
SOC 2 or ISO 27001 disclosed, AI scope unspecified.
Documents an AI management system aligned to ISO/IEC 42001 (without certification) or AI-specific controls.
Holds ISO/IEC 42001 certification or equivalent third-party AI assurance.
P5-03Vulnerability Disclosure Program10 pts
NIST AI RMF MEASURE-2.11. ISO/IEC 42001:2023 Annex A.8.4. ISO/IEC 29147.
No VDP, security reporting channel, or security.txt.
A generic 'report security issues' line with no contact specifics.
A general security contact exists (e.g., security@) but no structured VDP.
A structured VDP covering most of: scope, safe harbor, response timelines, submission channel.
A structured VDP with defined scope, safe-harbor provisions, response-timeline commitments, and a clear submission channel reachable via /.well-known/security.txt or trust center.
P5-04Bug Bounty with AI Coverage8 pts
NIST AI RMF MEASURE-2.11. NIST AI 600-1 (GenAI Profile). ISO/IEC 42001:2023 Annex A.8.4. EU AI Act Article 15.
No bug bounty program, or one that makes no reference to AI.
A program exists but AI scope is entirely unaddressed.
A program exists and AI is not excluded, but AI-specific attack surfaces are not named in scope.
A program naming some AI-specific attack surfaces (e.g., prompt injection) in scope.
A program explicitly including AI-specific attack surfaces (prompt injection, model extraction, training-data leakage, adversarial inputs, jailbreaks) with commensurate reward tiers.
P5-05Penetration Testing Cadence10 pts
NIST AI RMF MEASURE-2.7. ISO/IEC 42001:2023 Annex A.8.3. EU AI Act Article 15(4).
No disclosure of penetration testing practices.
A passing claim of being 'pentested' with no detail.
States pentesting is conducted but discloses no cadence, scope, or AI inclusion.
Discloses most of: cadence, AI-in-scope, third-party involvement.
Pentest cadence disclosed (annual/biannual/continuous), AI systems confirmed in scope, third-party involvement indicated, summary results/scope referenced.
P5-06Model and Training Data Protections12 pts
ISO/IEC 42001:2023 Annex A.8.2. NIST AI RMF MEASURE-2.7. NIST AI 600-1 (data integrity). EU AI Act Article 15(3).
None.
A generic data-security statement with no model-specific protections.
References model-security controls.
Describes specific controls.
Documents controls against extraction / inversion / training-data leakage.
P5-07Adversarial Robustness and Threat Defense10 pts
NIST AI RMF MEASURE-2.11. NIST AI 600-1. NIST SP 800-218A. ISO/IEC 42001:2023 Annex A.8.5. EU AI Act Article 15(4).
None.
A passing claim of 'safe' or 'robust' AI with no testing reference.
States robustness testing occurs.
Describes red-teaming (internal or external).
Describes red-teaming with scope and cadence per NIST AI 600-1.
P5-08AI Sub-Processor Security Posture10 pts
ISO/IEC 42001:2023 Annex A.10. NIST AI RMF MAP-3.4. EU AI Act Article 15.
No documentation of AI sub-processor security posture.
AI sub-processors named but with no security information.
AI sub-processors disclosed but their security posture is not documented/referenced.
References posture for most AI sub-processors (some of: certifications, contractual commitments, data handling).
Documents/references AI sub-processor security posture incl. certifications (SOC 2, ISO 27001, ISO 42001), contractual security commitments, and data-handling practices.
P5-09AI Supply Chain Security10 pts
NIST AI RMF MEASURE-2.7. NIST SP 800-218A. ISO/IEC 42001:2023 Annex A.8.2, A.10. EU AI Act Article 15.
No disclosure of AI supply chain security practices.
A generic statement about software security with no supply-chain specifics.
General software supply-chain practices disclosed (e.g., dependency scanning) but no AI-specific concerns addressed.
Addresses some AI-specific supply-chain practices (e.g., model provenance verification or integrity checks).
Documents AI supply-chain security: model provenance verification, AI-library integrity checks, secure model-update procedures, and AI-specific SBOM/equivalent, with NIST SP 800-218A alignment where a
P5-10Security Incident History Disclosure8 pts
NIST AI RMF MANAGE-2.4. ISO/IEC 42001:2023 Annex A.8.4, A.6.2.7. EU AI Act Article 73.
No disclosure regarding AI-related security incidents (occurred or not).
A passing reference to security incidents with no AI specificity.
General security incident history disclosed but AI-specific incidents not separately addressed.
Addresses AI-specific incidents or a no-incident statement, with limited detail or irregular cadence.
Discloses AI-specific incidents with remediation detail, or explicitly states no AI-specific incidents in a defined period, as part of a regular (annual/biannual) reporting practice.
Want to see how your company scores against this rubric?
Available for every company. No internal access required. Built entirely from public, externally verifiable evidence.