An open standard for disclosing AI agent governance: which controls an organisation runs, at which tier, with what evidence.
Frameworks define what good agent governance looks like. Regulation defines what is required. AA-1 defines how an organisation states what it actually does, in a format a counterparty can read in ten minutes and compare across vendors. Claims are made against the eight control domains of Anthropic's Zero Trust for AI Agents framework (2026), with lineage to NIST SP 800-207 and OWASP's agentic security work. Three filing levels run from self-attested to externally verified. The uncomfortable sections, accepted risks and not-implemented domains, are mandatory: a disclosure format that only permits flattering statements is marketing.
Tiers per domain: Foundation · Enterprise · Advanced · Not implemented. Evidence classes E1 to E4, command output outranks written policy.
AA-1 v0.1, seven sections, including Attestation 001, the steward's own filing, as the worked example.
Read on GitHub →One page. Scope, claimed tiers, evidence register, accepted risks, incidents, verification, renewal.
Download PDF →The containment model an attestation describes: a uniquely identified agent inside five concentric safeguards.
Download PDF →The research foundation: how IFRS, ISO 20022, and SOC 2 won adoption, and the continuous attestation model for systems whose behaviour changes.
Download PDF →Canonical home: github.com/aa1-standard/aa1-standard. All artifacts open, freely downloadable, no gate.
Map your agentic systems onto the eight domains, complete the one-page template, and file at Level 1, self-attested, privately if necessary. Where the template fails you, open an issue on the repository: failure reports are the most valuable input version 0.2 can receive. An AA-1 attestation is a process disclosure, not a guarantee of outcomes and not a third-party certification unless filed at Level 3. Dartmouth Advisory Partners stewards the standard and filed first; stewardship is intended to migrate to a multi-party steering group as adoption grows. Questions and filings: bsibeth@dap.solutions.